Non destructive change of Windows 10 administrator account password

5

Is it possible to change the password of a local administrator account without either wiping it's profile or providing the old password, if no password reset disk has been created?

I have been asked to help out with a machine which has been happily working with the same password for months and suddenly after Anniversary Edition was installed, no longer allows login with that password.

The account logs in fine with PIN, fingerprint or picture login, so it is still usable, but not with the password, and of course you can't change the password normally without providing the old password - none of the other authentication mechanisms are allowed at this point.

Searching the net, the only other option I can find involves a password reset which wipes all user data in the account. At that point, I might as well just delete the account and create a new one.

Note that this machine is Bitlocker encrypted and this account is not attached to a Microsoft account, nor are the other administrator accounts on the system.

Computer Management > Users > user > Set Password... says:

Resetting this password might cause irreversible loss of information for this user account. For security reasons, Windows protects certain information by making it impossible to access if the users's password is reset.

Data loss will occur next time the user logs off.

You should only use this command if a user has forgotten his or her password and does not have a password reset disk.

Mark Booth

Posted 2016-09-06T23:17:36.477

Reputation: 2 324

Answers

6

Resetting the password doesn't wipe user data.

The influence is limited only to a part of data that has increased protection, like encryption keys to the files that were encrypted with EFS (separate from Bitlocker, i.e. through file properties, General, Advanced, "Encrypt contents to secure data"), personal certificates, and stored passwords.

If you have a usable local administrator account (which you imply you have) you can just open Computer Management -> Local Users and Computers, right-click on the user (self) and select "Set password" option. You should not be asked for the current password.

For your individual case, if you are helping someone, the best procedure would be to backup the data or clone the disk with Clonezilla, and perform the password reset.

techraf

Posted 2016-09-06T23:17:36.477

Reputation: 4 428

1Added. In fact, if resetting passwords wiped users' data, the economy would probably collapse. The number of password resets in corporations is quite significant. – techraf – 2016-09-07T22:32:56.260

1I can confirm that doing this nukes the password store, but the rest of the (non per user encrypted) user data remains intact. – Christi – 2016-09-09T00:18:32.457

1I've always preferred the old school command line method: net user username p@$$word (as admin, of course) – jdgregson – 2018-10-03T23:22:52.753

Asked: 2016-09-06T23:17:36.477

Viewed: 1 789 times

Active: 2017-04-20T17:23:41.723