Windows 8 UEFI password reset

MobileTechie

I know there has just been a thread related to this but I have this with the added spice of the system using UEFI. This seems to mean that I cannot use any kind of boot disk or USB stick. I can get into BIOS and tell it to boot from them but they are simply ignored.

Is this how UEFI is going to work then? - you cannot boot to boot disks?
 
I can get a command prompt using the boot options for recovery and I've tried adding a user and then adding the user to the local admin group. However this user does not show up as a login option. Only the one user shows up. Note this user is not local but uses the MS account - obviously we should be able to use MS's live account system online to reset that eventually but I still need to know what is going on here.

Why won't the account show up when added like this?

Also I see in BIOS I have the option to turn on Legacy Boot support. However I have to turn off Secure Boot in order to do this. If I do turn it off, will that screw up the Windows 8 boot on this machine?

EDIT:

OK I've answered the last Q - no it doesn't screw it up, it just allows booting from other devices. I still cannot get it to boot from a CD but can from a USB. This is great but....Windows 8 doesn't use old-fashioned MBR partitions so none of the old password tools work
 

Every Windows 8 system I've installed used NTFS file systems. So there is an MBR. Pull the drive and slave it to a system with a standard BIOS. Image or clone the drive as a precaution. I bet then you can use your password recovery tools.
 


Then you must not have seen Win 8 installed on UEFI hardware.

UEFI boot requires that the partitions are GPT rather than MBR. NTFS does not need MBR to exist.

There is the Protective MBR but that is there just to stop boot tools trashing the GPT.

AFAIK you cannot read the disks using boot disks designed for MBR partitions. It either finds nothing there or thinks it is one large partition. This is why disks like Hirens and UBCD etc simply don't work on UEFI hardware even when you turn off Secure Boot.
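
The protective-MBR behaviour described in the post above, as an added example that is not part of any post in this thread: it reads the first two sectors of a disk image and shows why an MBR-only tool sees a single type 0xEE partition on a GPT disk. The function names and the sample image are constructed for illustration, and a 512-byte logical sector is assumed.

```python
import struct
import zlib

SECTOR = 512  # assumed logical sector size (4Kn disks use 4096)

def parse_mbr_entries(lba0: bytes) -> list:
    """Return the non-empty primary entries, as an MBR-only tool would see them."""
    if lba0[510:512] != b"\x55\xaa":
        return []
    out = []
    for i in range(4):
        entry = lba0[446 + 16 * i: 462 + 16 * i]
        start, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:
            out.append({"type": entry[4], "start_lba": start, "sectors": count})
    return out

def gpt_header_valid(lba1: bytes) -> bool:
    """Check the 'EFI PART' signature and the header CRC32 at LBA 1."""
    size, stored = struct.unpack_from("<II", lba1, 12)
    if lba1[:8] != b"EFI PART" or not 92 <= size <= len(lba1):
        return False
    header = bytearray(lba1[:size])
    header[16:20] = b"\x00" * 4  # the CRC is computed with its own field zeroed
    return zlib.crc32(header) & 0xFFFFFFFF == stored

def classify_disk(image: bytes) -> str:
    """Classify the first two sectors as 'gpt', 'mbr' or 'unknown'."""
    if len(image) < 2 * SECTOR:
        raise ValueError("need LBA 0 and LBA 1")
    entries = parse_mbr_entries(image[:SECTOR])
    if gpt_header_valid(image[SECTOR:2 * SECTOR]):
        return "gpt"
    if any(e["type"] == 0xEE for e in entries):
        return "unknown"  # protective entry present but GPT header missing or damaged
    return "mbr" if entries else "unknown"

def build_constructed_gpt(total_sectors: int = 2048) -> bytes:
    """Constructed sample: protective MBR at LBA 0, minimal GPT header at LBA 1."""
    mbr = bytearray(SECTOR)
    mbr[446:462] = struct.pack("<B3sB3sII", 0, b"\x00\x02\x00", 0xEE,
                               b"\xff\xff\xff", 1, total_sectors - 1)
    mbr[510:512] = b"\x55\xaa"
    hdr = bytearray(struct.pack("<8sIIIIQQQQ16sQIII", b"EFI PART", 0x00010000, 92,
                                0, 0, 1, total_sectors - 1, 34, total_sectors - 34,
                                bytes(16), 2, 128, 128, 0))
    struct.pack_into("<I", hdr, 16, zlib.crc32(hdr) & 0xFFFFFFFF)
    return bytes(mbr) + bytes(hdr).ljust(SECTOR, b"\x00")
```

On the constructed image, `parse_mbr_entries` returns one entry of type 0xEE spanning the disk, which is the "one large partition" view, while `classify_disk` reports `gpt`.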
 
I used the net user commands to create a local account and add it to admin group but the account doesn't show up in the list of logins when you boot up.

Hmm... well regardless of that, you use the utilman trick to gain command prompt at the login screen. Instead of creating a new account what you do is use net commands to remove the existing account's password. e.g.
Code:
net user "theusername" *
then hit enter twice.
 

Win 8's recovery options includes Advanced Options which includes getting to an offline command prompt anyway.

In this situation, the single user login is not a local account but a Microsoft account. It doesn't show up in the list when you use net user.
 

bummer! I haven't experimented with the email based accounts yet -- didn't I read somewhere there is a password reset option online for that?
 
Yes the account is based on a Microsoft Account and that in turn can be based on an existing email account like googlemail or hotmail or whatever. So you can reset it there and as long as you have net access you can sort it out. This is what I did, but I wanted to find out what was going on in general with bootdisks, GPT and passwords etc.

Maybe the command line you get from the recovery options isn't of sufficient privilege for the net user commands to work properly? Or maybe if you only have a single email based account then no local users are shown? I need to find out. Also really need a boot disk capable for GPT as it appears that the OEMs are pushing out UEFI right now.
 

Why can't you create a new local user with admin rights at that point? Wouldn't that solve your access problems? Also can an admin user reset a password mail linked account? Can they take ownership of files etc? If not then that is one more reason NEVER to use Windows 8. Enterprise clients have to have those functions.
 
Have you tried booting with a windows 8 install disk? Does this make any difference in using the utilman method?

How about using Dart?
 

I appear to create such an account but that account did not appear in the list of logins on reboot. Maybe I did something wrong but net user reported the user was successfully added to the local admin group. I.e. I don't really know!
 

Did you follow up with a
Code:
net user "username" /active:yes
command? I know there is also a section of the registry to prevent special user accounts from appearing on the login screen, and it's possible that for some reason the account you added is showing up there... can't find it at the moment but it shouldn't be important if you use the /active switch that is supposed to remove it from that section of the registry...
 
Thanks for your effort on this. I don't have a uefi machine here but have deployed several. I fear getting a forgotten password call right now.
I look forward to your dart tests.
 


No I didn't. So that might well be why.
 
A little update on this.

I think I might have been being a bit dim before. The net user administrator trick DOES work. It's just that in Win 8 the default login screen only shows the last user and whilst there is a dirty great back-arrow on the screen - I didn't notice it. On clicking that, you get the full list of users, which includes the administrator user, once it's been made active.

Given that on uefi bios systems, the normal boot disks with their password reset apps don't boot, this might be the go-to method for password reset on Windows 8. All you need is a Win 8 install disk.
 
I found that to do this on an Acer I had to make not one but two changes to the bios before it would run from a boot disc. In fact this also applies if you want to downgrade to 7 as the Win7 disc will not load by just disabling Secure Boot.

I also slaved the drive and was able to use Nirsoft Produkey to reset the password just as a tester. ;)
 