Win 10 MS account lost password, computer wont get past the login

[Velvis]

I have an older client who is not sure what she did, but she did some kind of an update and now when the computer boots it asks for a password or PIN that she cant bypass. She said previously she entered a PIN, but it no longer works.

Her forgot password connections are an email address she no longer has and a cell # she no longer has.

She went through the MS recovery webpage where it asks last passwords, who you have sent email too, etc. and it says its not enough info to reset the password.

Is there anyway around this?

 

[seashore]

PCUnlocker will change the MS account to a local account without a password.

 

[mikeroq]

PCUnlocker will change the MS account to a local account without a password.

I was typing a reply and that is what I use. But I just could not remember the name!

I've used it multiple times to get past a msft account. Keep in mind this does nothing to the actual Microsoft account, only the local account on the computer. So once you login you can convert it to local. As for the actual microsoft account you, I think you are stuck without getting the correct information or access to the recovery methods.

 

[Velvis]

When I boot using the USB, it asks to select the Sam file but the hard drive isn't available.

 

[mikeroq]

When I boot using the USB, it asks to select the Sam file but the hard drive isn't available.

NVME?

 

[sapphirescales]

When I boot using the USB, it asks to select the Sam file but the hard drive isn't available.

You're screwed. The drive is encrypted with Bitlocker. That woman just lost her data. Thanks, Microsoft!

Your only option is to try and recover her Microsoft Account password using another computer. If she gave Microsoft her smartphone number then you can reset it. Then you need to extract the NVMe SSD, put it in an enclosure, and decrypt it using the Bitlocker recovery key stored in her Microsoft account. Alternatively you can use a portable version of Windows 10/11, boot the computer from it, then use that to access the SSD and decrypt it using the recovery key stored in her Microsoft account.

Then after decryption you can use PCUnlocker to clear her password. Then convert her to a local account so she hopefully won't have to deal with this BS ever again. Then sell her a cloud backup subscription in case Microsoft forcefully encrypts her drive again.

Backing up data on a computer that won't boot is now a VERY expensive procedure thanks to this BS. I charge $369 to recover someone's Bitlocker recovery key, decrypt their drive, and back up their data. Obviously this isn't necessary if their computer boots and they have their password, but if their computer doesn't boot properly (you know, the main reason people bring their computer in in the first place!), you've got to deal with this BS.

 

[alluseridsrejected]

NVME?

Make sure the usb drive is booting with the correct option of UEFI or not. That fixed the issue for me last time the c drive was not there. also the c drive may have a different drive letter.

 

[alluseridsrejected]

When I boot using the USB, it asks to select the Sam file but the hard drive isn't available.

I replied to Mikeroc instead of you by mistake. On my phone and not paying attention to what I am doing. See response to him.

 

[sapphirescales]

Make sure the usb drive is booting with the correct option of UEFI or not. That fixed the issue for me last time the c drive was not there. also the c drive may have a different drive letter.

Assuming the lady isn't just an idiot who forgot her password, you could also try extracting the drive and running chkdsk. IF she has the right PIN#/password and it's just not accepting it, maybe corrupt files could be causing the issue. You can also try the "forcefully shut it down as it's starting up 3 times" trick. Basically get the computer to run chkdsk at startup. Be careful though. Doing this might cause more damage to system files and might even corrupt the Bitlocker encryption itself, which means you can't recover the data even if you have the Bitlocker recovery key.

The safest course of action when a computer won't boot and/or a client can't get into the computer and it's Bitlocker encrypted is to make sure you get the data first and foremost. For all you know, the drive could be failing. Run a diagnostic on the drive itself and if there is any signs of hardware failure, unlock the drive and get the data but DO NOT decrypt it as decrypting a drive is very hard on it and it could fail during the decryption process.

 

[britechguy]

You're screwed. The drive is encrypted with Bitlocker. That woman just lost her data. Thanks, Microsoft!

Sorry, but someone not keeping track of their accounts and passwords is NOT Microsoft's fault, or Google's fault, or the bank's fault. It it the USER's fault!

Account and Login information, regardless of the specific style, is the metaphorical "key to the house." No one says that when someone loses their car keys, or house keys, that it's either the auto maker's or builder's fault.

The same applies to "cyber keys." Your an adult (and I work with seniors all the time, so they don't get a pass) it is up to you to log this information via a method you can reliably access if/when you need it.

If this is a case where a relative set up all the account information, and it wasn't passed on and recorded, then it's their fault. But the idea that any account owner who set it up themselves, along with a recovery email and phone number, would close both without also updating what needs updating on the accounts that need it still puts the blame on that user, no one else.

 

[fincoder]

Sorry, but someone not keeping track of their accounts and passwords is NOT Microsoft's fault

I thought you were against Microsoft's automatic device encryption? That's what @sapphirescales was referring to.

When I boot using the USB, it asks to select the Sam file but the hard drive isn't available.

It could be the PCUnlocker USB is MBR, and the hard drive is GPT. You might need to create a UEFI/GPT bootable USB.

Also check the keyboard isn't faulty.

 

[britechguy]

@fincoder

Regardless of what @sapphirescales may have been indirectly alluding to, the issue at hand is not the result of anything other than someone losing or forgetting their password, never having adequately logged same, and never having kept their recovery information up to date.

 

[frase]

MS don't FORCE people to use Bitlocker until Win 11 with a microsoft account linked. So they encrypted this drive on their own or had one of their "I know I.T" friends do it for them or who knows...

As stated br @britechguy - it is ultimately up to the user how they store passwords no-one else's fault though their own.

@sapphirescales Why run Chkdsk for - it would have no value just complicate the process more

You could try and setup a temporary email account to divert the recovery email to.

 

[fincoder]

MS don't FORCE people to use Bitlocker until Win 11 with a microsoft account linked.

"Device Encryption" or Bitlocker is turned on automatically in Windows 10 too, under certain conditions such as MS account login and TPM. Nothing to do with Windows 11, except I suppose some Windows 10 computers don't have TPM enabled.

 

[frase]

Does depend on the user pro maybe. Though as far as I am aware it would need to be enabled manually on Home.

 

[fincoder]

Many on this forum and others report users with device encryption turned on. It depends on the OEM system image. In some cases the users are accidentally turning it on somehow, but if it's that easy to turn on I still blame Microsoft's design.

 

[britechguy]

In some cases the users are accidentally turning it [device encryption] on somehow, but if it's that easy to turn on I still blame Microsoft's design.

About which you would (and will, at this time) get no argument from me.

But that's still not relevant to the issue at hand. We cannot, and should not, just keep giving users a pass for behaving irresponsibly. I stick with my analogy of a password (or PIN - I don't count biometrics because they are not memorized) of being the key to one's cyberhome. We don't think that people who are constantly losing their keys to their homes, offices, cars, safe deposit boxes, etc., are poor dears that someone else is responsible for having put in their situations.

The use of a password or equivalent as your key has been the primary basic security method since the first day I started using computers, of any sort, other than using punch cards (yes, I am that old). There cannot be a computer user alive who is not aware of this, even those who may have set up Windows to bypass password entry (which you can still do). There is still a password that's being used, it's just cleverly being handed to Windows, and the user still needs to have this information logged somewhere, whether the account is local or MS Account linked.

What was described at the outset of this topic was a series of grave user errors. And I don't think the frequent policy of white-hat hacking to get back into machines has served our industry, nor our users, well. It has just allowed irresponsible behavior to continue, and without the consequences it actually deserves.

 

[fincoder]

But that's still not relevant to the issue at hand.

Sure, it was merely a tangent. I agree that people need to take responsibility for keeping password records, it's very frustrating!

 

[Porthos]

I do not want to say how many of these turned into a Fabs backup and a nuke to get people to write things down for the future.
People toss phone numbers and many never can access the email any longer.

 

[nlinecomputers]

MS don't FORCE people to use Bitlocker until Win 11 with a microsoft account linked. So they encrypted this drive on their own or had one of their "I know I.T" friends do it for them or who knows...

As stated br @britechguy - it is ultimately up to the user how they store passwords no-one else's fault though their own.

@sapphirescales Why run Chkdsk for - it would have no value just complicate the process more

You could try and setup a temporary email account to divert the recovery email to.

Sorry that is flat wrong. We have had several topics explaining over and over again about the limited version of BitLocker called Device Encryption. If you have an OEM installed version of Windows 8,10, or 11 Home or Pro on a laptop with an SSD, and TPM module and you sign into a Microsoft Account during the OOBE setup the drive will be automatically and silently encrypted with the BitLocker key stored in the M$ account. We just had a big topic not just a week ago by @HCHTech.

This is a real thing that is going to be SOP as more systems qualify with the proper hardware.