2
1
In Windowses (XP SP3, Windows 7, et al), setting Windows' login/account/user password by:
- Run --> Compmgmt.msc --> Local Users and Groups --> Users --> Right Click on a user in right panel --> Set password...
shows:
Resetting this password might cause irreversible loss of information for this user account. For security reasons, Windows protects certain information by making it impossible to access if the user's password is reset.
Update (added the end of this warning)
"The data loss will occur the next time the user log off.
You should use this command only if a user has forgotten his or her password and does not have a password reset disk. If this user has created a password reset disk should use the disk to set the password.
If the user knows the password and wants to change it, he or she should log in, then use User Accounts in Control Panel to change the password.
For additional information, click Help.
Buttons: Proceed, Cancel, Help"
and in next dialog box:
If you click OK, the following will occur:
- The user account will immediately lose access to all of its encrypted files, stored passwords, and personal security certificates
Can these losses be reverted by setting the login password back to the old one?
Or, more specifically, do these losses still occur, if I
- change the password first to another (new) one and, after that, by the same procedure,to a previous (old) one?
- if I enter in "New password:" and "Confirm password:" textboxes the old password?
i.e. set the password to the old one )applying this procedure)?
Update:
As developer, I know that deleting and then recreating an object doesn't restore the old object, just creates identical copy (with usually tedious manual work of restoring references, links, dependencies which are rarely even known since frequently created dynamically, in run-time).
And the question has huge implications for practical system administration especially in workgroups, sometimes big ones.
2I wonder why we don't get this warning when changing passwords using Control Panel > User Accounts – Moab – 2012-04-25T00:59:57.580
Yes, I also wanted to write about it but then decided to keep the question less bloated. Note than in case using Control Panel > User Accounts one should enter the old password – Gennady Vanin Геннадий Ванин – 2012-04-25T04:33:10.297
"one should enter the old password" what effect does this have over not entering the old password in computer management? Probably should make a SU question out of this. – Moab – 2012-04-25T17:36:04.683
2@Moab: if you are changing your own password, you enter the old password and Windows decrypts and then re-encrypts your encryption key, so that there is no data loss. – Harry Johnston – 2012-04-26T04:52:37.520
Note that you can disable file encryption with group policy, although stored passwords and personal security certificates might still be an issue. – Harry Johnston – 2012-04-26T04:54:27.347