Important Article Update: An important update to this tutorial has just been added on 2nd November 2018 due to recent changes by Microsoft to Windows Defender that is included with Windows 10. Please see the heading titled "Copying cmd.exe to utilman.exe didn't work for me - Now what?" at the bottom of this article to resolve the problem if you are using Windows Defender as your Antivirus of choice on Windows 10, rather than one of the other multitude of third-party antivirus applications available. Regards, Andrew Leniart
I frequently see questions pop up at Experts Exchange from folks that have forgotten their Windows 10 user password and who didn't bother to create a Win10 Password Reset Disk, don't have a secondary Administrator profile to log in with, or who use a Microsoft Connected Live account, without recovery options to be able to reset their password online.
Links are often suggested to askers, recommending various third-party boot CD's or Images, some free, some paid, that may have worked great for Windows 7 and earlier installations, but can sometimes fail to reliably reset a Windows 10 password. The good news is that you don't need any third party tools. All you need is a Windows 10 Installation DVD or a Windows 10 ISO file which will work every time.
By reading this article, you will learn some DOS (Disk Operating System) commands and what they do, as well as be able to get free additional help at Experts Exchange.
Note: Though not tested at the time of writing, the Utilman related tricks described in this tutorial should also apply to previous versions of Microsoft Windows, including Windows XP / Vista / 8.1 / Windows 7 and Servers.
Let's dive in...
1 - Steps for Physical Machine Installs
- Change your BOOT Device in BIOS to Boot from DVD or USB First
You're going to have to boot your computer with a Windows 10 Installation DVD or with a USB device that a Windows 10 Installation ISO has been extracted to and made bootable. So restart and enter BIOS settings on your computer. How to do this can differ depending on your mainboard manufacturer or the brand name of your computer, but most commonly, getting into BIOS simply means tapping the Delete key on your keyboard while booting up.
Often there will be a message on your monitor during boot telling you which key you need to press to get into BIOS Settings. If pressing the Delete key doesn't work for you, check which keys you need to press for your particular computer or mainboard with the manufacturer's website, or use the ask a question feature at Experts Exchange to ask for help.
If you're using a physical computer, skip down to "Create a Secondary (Local) Administrator User" now.
1 - Steps for Oracle VM VirtualBox Installs
For those of you using a Virtual Machine in VirtualBox, change your boot device to Boot from a saved Windows 10 Installation ISO. On the Oracle VM VirtualBox Machine, click "Devices" > "Optical Drives" > "Choose Disk Image" and select the saved Windows 10 installation ISO. If you don't (or no longer) have one, you can download the ISO file straight from Microsoft using this link.
See screenshot below.
The remaining steps are the same for both Physical and Virtual Machine installs.
Create a Secondary (Local) Administrator User
If you don't already have a second Administrator enabled user account on Windows 10 to help you out, just create one on the fly. Once you've booted with your Windows 10 installation DVD (or ISO in the case of VirtualBox) the process is quite simple and you can then make use of the Windows GUI (Graphical User Interface) to change the password.
When you boot with a Windows 10 DVD, USB stick or ISO on Oracle VM VirtualBox, you'll get a message on your screen for a few seconds telling you to "Press any key to boot from..."
1. Follow that instruction and just hit any key on your keyboard. You should end up with the following screen.
At this point, we want to bring up a command prompt to issue some DOS commands to Windows.
2. Press Shift+F10 on your keyboard to open a DOS command prompt window. The Window that pops up will show a drive letter of X:\ That's a temporary drive letter that Windows has assigned to boot media you've used.
3. Enter the following commands exactly as shown to perform actions on your Microsoft Windows installation, which will usually be on drive letter D: - and pressing your Enter Key after each line.
Note: If the following commands fail for you, then type "Dir E:", "Dir F:" etc until you find which drive letter your system drive has been assigned, then just replace D: with the drive letter for your system.
Move D:\Windows\System32\utilman.exe D:\Windows\System32\utilman.bak
Copy D:\Windows\System32\cmd.exe D:\Windows\System32\utilman.exe
What are those commands doing?
4. When Windows restarts, don't boot with your Windows Installation DVD, USB Stick or ISO this time. We're done with that, so just allow Windows to boot up normally.
5. Now that Windows has restarted, we can use the fake "utilman.exe" command we copied above, to bring up a command prompt at the login screen by clicking the "Ease of Access" option on the Windows 10 login screen.
Doing so will now bring up a DOS command box.
6. Enter the following commands into the DOS command box as shown below.
You will now have a new Administrator enabled account to log into Windows with, named "Temporary" and with no login password set. We could have set a password at this point if we wanted to, but we'll do that in Windows GUI instead so that we can record a helpful password hint as well.
Sidenote: We could have just enabled the Windows 10 built-in Administrator account in the above steps, but I personally don't recommend doing that for a variety of reasons I won't go into here.
7. Log into Windows 10 with the new "Temporary" account just created. It's insecure at this point, so the first thing I recommend you do is to give it a good strong password, even if you don't intend to keep it for the long term.
Use Windows GUI to change the password of your regular account
Note: If the account you are trying to change the password to is an Online Microsoft Connected Account, skip down to "What if my Account is a Microsoft Connected Account?" now. Otherwise, continue on to reset a Local User Account.
8. Now that you've logged back into Windows 10 with an Administrator enabled account, you can change the password on your main local account. As with most things in Windows, there's more than one way of doing this, but here's one simple way.
9. On the next window, click on the problem account that you've forgotten the password to. In the example below, we'll assume it's John Jacob's account.
10. On the next Window, click the "Change the password" hyperlink.
11. Now type and confirm a new password for the John Jacob account, put in a password hint if desired and click the "Change password" button.
Be sure restore your c:\windows\system32\utilman.exe file or you will no longer be able to configure any of Windows Accessibility options like Magnifier, High Contrast Theme, Narrator and On-Screen Keyboard, the latter which can often be useful before logging onto the system.
Worse, leaving a fake utilman.exe command would also leave a gaping security hole in your system, because it could also provide administrator access to hackers.
There are different ways to achieve this, but I think one of the simplest methods is to use WinPE (Windows Preinstallation Environment) Complete the following steps to restore Windows Accessibility functionality and reverse cmd.exe functionality;
You're Done! Select the previously forgotten password account to login with and use the newly set password to log in. If you haven't done so already, (you should have) then don't forget to give the "Temporary" user profile a strong password if you intend to keep it.
What if my Account is a Microsoft Connected Account?
Resetting a Microsoft Connected account is easy, providing you set up your account recovery options, such as security questions, a mobile telephone number where you can get an SMS, and a recovery email address. If you did, good job!
Just open a browser and go to this "Why can't you sign in?" Microsoft password reset page. Select "I forgot my password" and follow the prompts to reset your password.
Didn't configure your Microsoft Account recovery options?
No problem, we have you covered and can still get you back into your account!
This won't solve your account connectivity problems with Microsoft, but it will get you back into your normal user profile. Read on to learn how...*
A) First things first, if you haven't done so already, complete Steps 1 through 7 under the "Create a Secondary (Local) Administrator User" heading above, then skip back to here once you have created a "Temporary" local administrator user account.
B) If you've followed all instructions correctly, you should now be in Windows 10 using the "Temporary" user account we created, and have set a password on that account. If not, go back to Step 1 above and find out which step you may have skipped.
Here's where things get a little complex and tedious, so pay very careful attention to the following instructions.
Completing the following steps "will" restore your access to your Microsoft Connected Account in Windows 10, as we will be changing it to be a Local Account.
Be careful not to skip any steps - everything should be as shown below - if it's not, then it's likely that you may have missed a step.
C) Restart Windows and let it boot to your normal Login Screen.
Note: If Windows just restarts normally, you probably forgot to hold down your Shift Key before you clicked Restart
Tip! - Click any image below to enlarge in a new browser tab
Windows will Restart again and present you with the following screen...
Click the "Look in:" drop arrow and select your system drive. Local Disk (D:) in the example below.
Drill into the loaded SAM-TEMP hive to the following path;
Now close Registry Editor and we are back at the still open CMD DOS box. Restart Windows with the following command.
On the Home Stretch
In the DOS Command Window, type the following command;
Change "andre" above to YOUR profile name
The above command sets the previously locked account's password to: newpass
Next, we need to add the user account to the "local" administrator group. Enter the following command in the DOS Command Box to add the profile to the local administrators group
Again, replace "andre" with YOUR user profile name in the above command
Type exit and hit enter to close the command box and login to your previously locked out account with a password of "newpass"
Now that you're back in Windows 10 with your familiar user account, it's time to do a little cleaning up. I strongly recommend you perform the following steps.
Windows restarts and you're done! Now get cracking in contacting Microsoft Support to try and regain access to your online account again.
Copying cmd.exe to utilman.exe didn't work for me - Now what?
Microsoft recently updated the definitions for Windows Defender, which is a respectable free antivirus app included in all editions of Windows 10, to recognize that the utilman.exe command we created earlier in this tutorial is fake.
This can cause issues with this process when trying the above-described processes when Windows Defender is enabled on your system and is being used as your Antivirus App, rather than another third party Antivirus application: when you click on the "Ease of Access" button, nothing happens, since Windows Defender blocks the access to the fake utilman.exe file. Here's a screenshot of what Windows Defender will show in its threat history after we try to use the fake utilman.exe which it blocks:
Tip! - Click on any graphic below to get a full-sized view.
Credits: Thanks to Experts Exchange Expert and Page Editor "McKnife" for providing most of the screenshots used below to save me making my own, and also for bringing this recent development to my attention!
To get around this problem, simply restart Windows 10 into safe mode. In safe mode, defender will start a little later and allow us for a few seconds to still use our method as usual. On test machines, I had 30 seconds - on fast machines, it could be less.
1) To start in safe mode, we need to restart our computer in a special way: you need to keep the shift key pressed, while clicking on the restart button. After it restarts, you will then see the following screen. Click on the "Troubleshoot" panel as shown below.
2) Now click on "Advanced options"
3) Click on "See more recovery options"
4) Click the Startup Settings button as shown below
Note: If your installation doesn't show the above screenshot as it turned out for me, it will likely look like the following, in which case you just click the "Startup Settings" button as shown below.
5) You will end up with the following screen. Click the "Restart" button
6) Windows will now present you with the following "Startup Settings" screen. Note the different ways that you can tell Windows to start up in. The ones we are interested in here are 4), 5), and 6) as highlighted below
7) I suggest pressing the Number 4 key on your keyboard and Windows will restart in "Safe Mode" which is what we want to bypass Window Defender's protection.
8) Having done that, the fake "utilman.exe" we copied and created earlier in this tutorial will now work for a few seconds until defender starts - this will usually be just long enough to bring up a command prompt at the login screen by clicking the "Ease of Access" option on the Windows 10 login screen and use the two commands you find in the steps already given under the "Create a Secondary (Local) Administrator User" heading earlier in this tutorial. Done!
Remember, you need to hurry up typing or the fake utilman.exe will be deleted, the command shell closes and you have to start over.
Need more support on this issue? Click the blue Ask a Question button at the top of your browser while logged into Experts Exchange.
Everything in this tutorial was tested and working at the time of writing with a Windows 10 Professional installation and a Microsoft Connected user account. Each step was documented as I went through the process myself, so I can say with total confidence that it works well.
Finally, this entire process was focused on getting you back into your Microsoft Connected profile account in Windows 10 in a scenario where you can't reset your Microsoft account password online for some reason. How to now go about recovering your Microsoft account is another story. Despite some fake promises you may find on the web, only Microsoft Support will be able to help you in this regard.
If you need additional support on this topic, please use the Ask a Question feature of Experts Exchange.
* Full Credit for the Regedit related process goes to user "colinardo" for making this solution available to the world at this web page on the 15th January 2018.
Till the next time...
Tutorial by: Andrew Leniart
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.