Windows 8 Microsoft account password hack.

By chillipig
in Microsoft (Windows)

 Share

Recommended Posts

Contributor

chillipig

Posted
Posted

I've started to come up against a problem at work due to the new ability to use a Microsoft account to login to windows 8.

I often have to test PCs when customers return them with alleged faults for a well known company, but frequently the person returning the machine is not the user /only user.

This hasn't been a problem until now as there are lots of Windows password removal tools including some free programs but now I'm starting to encounter Microsoft account passwords which cannot be reset in the same way a local password can.

Having had a good look out there I can find only one title that claims to do it: http://www.top-password.com/reset-windows-password.html

Problem is the company actually has this site blocked by its content filtering software and the rules state that the company expenses account can only be used through the company Internet connection by the designated employee.

I can request this site be taken off the blacklist but the process takes 4-8 weeks and I am getting 2-3 a day which is causing me a backlog.

I have tried proxies but they are all blocked and wouldn't be a good idea when using a credit card anyway.

So can anyone advise me how I could remove/find this type of password manually or any other software they know of retail or freeware?

Many Thanks.

Veteran

Shane Nokes

Posted
Posted

I can guarantee you that the software will not be able to offer you resets on another persons Microsoft Account.

So don't waste your time trying to pay for their services when it's not something they can do. They don't have access to any of the tools required to do so.

Grand Master

ahhell

Posted
Posted

"I'm starting to encounter Microsoft account passwords which cannot be reset in the same way a local password can"

That's the whole point in them using a Microsoft account so that people CAN'T reset/"hack" the account.

Is there a way to enable the admin account and log in?

Contributor

chillipig

Posted
  • Author
Posted

I can guarantee you that the software will not be able to offer you resets on another persons Microsoft Account.

So don't waste your time trying to pay for their services when it's not something they can do. They don't have access to any of the tools required to do so.

I'm not trying to reset their account login with microsoft itself, just to gain access to the the windows 8 desktop under their user so I can replicate the fault they have reported. I cant ask a customer for their MS account password in the same way I could with a local account as I would then have access to all their MS services too.

Grand Master

Brandon H Supervisor

Posted
  • Supervisor
Posted

I'm not trying to reset their account login with microsoft itself, just to gain access to the the windows 8 desktop under their user so I can replicate the fault they have reported. I cant ask a customer for their MS account password in the same way I could with a local account as I would then have access to all their MS services too.

there is no way to do this without having their MS password
Grand Master

Detection

Posted
Posted

I'm not trying to reset their account login with microsoft itself, just to gain access to the the windows 8 desktop under their user so I can replicate the fault they have reported. I cant ask a customer for their MS account password in the same way I could with a local account as I would then have access to all their MS services too.

That's like saying you want access to their hotmail emails but you don't want their password to do it

Windows 8 Live Login, IS their email account to put it simply.

Tell the company to start forcing users to use Local accounts instead

What you are asking is contradicting what you are wanting to do

Contributor

chillipig

Posted
  • Author
Posted

Have the user set a 4 digit PIN or use Picture Password to unlock their Microsoft Account.

If everyone used a local A/C with no password that would suit me down to the ground but the reality is they just assume a computer company has some special tool to temporarily turn off their password in the same way USA customs does with TSA locks. Actually most customers just see it as the companies problem and couldn't give a toss. Beyond that trying to call them multiple times a day to get their password isn't practical, even when they write them down the handwriting can be bad/ misspelled /just wrong.

All I need is access to their desktop in a local sense, if their login credentials for MS on line are removed in the progress thats fine.

Veteran

Shane Nokes

Posted
Posted

I'm not trying to reset their account login with microsoft itself, just to gain access to the the windows 8 desktop under their user so I can replicate the fault they have reported. I cant ask a customer for their MS account password in the same way I could with a local account as I would then have access to all their MS services too.

My point (as others have pointed out) is that the account used for sign-in and their Microsoft Account are one and the same in those cases.

The only way to request a reset for that password is to actually reset their MA password. That software is not going to do that...if they claim otherwise it's a scam and should be avoided.

Reading your latest post...I honestly think you should hand this off to someone else. I think this may be a case where the depth is a bit much for your level of expertise. I don't mean that as an insult, but an honest assessment based on what I've read.

Contributor

chillipig

Posted
  • Author
Posted

My point (as others have pointed out) is that the account used for sign-in and their Microsoft Account are one and the same in those cases.

The only way to request a reset for that password is to actually reset their MA password. That software is not going to do that...if they claim otherwise it's a scam and should be avoided.

Reading your latest post...I honestly think you should hand this off to someone else. I think this may be a case where the depth is a bit much for your level of expertise. I don't mean that as an insult, but an honest assessment based on what I've read.

I do understand what you are saying in that Windows 8 is designed so that it aligns itself with the users on line services as soon as the login window is presented but thats why I titled this thread "password hack." the resulting "damage" to the account credentials and ability to resume using the account locally is of no importance as long as I can see why their webcam isnt working under that particular user for example.

I suppose you could loosely say I am trying to manipulate windows so I can turn the MS A/C into a local A/C stripped of its personalised attributes.

The customer has formerly signed a data loss agreement anyway so I can restore the machine to factory default but of course doing things that way takes longer and time is a big issue for me.

I can see this isn't something thats going to be easy if at all possible from the replies but thanks to everyone for taking the time :)

Contributor

chillipig

Posted
  • Author
Posted

As a side not this site http://www.top-password.com/reset-windows-password.html claims they can do it saying:

"New! Support password reset for Windows 8 local account and Microsoft account."

"The cached passwords are stored as hashes in the local system registry, so it is difficult to crack or recover the original password. However, it?s possible to update the cached password hash using a new password, so you can log in the system with a new password in case your actual Hotmail password is lost or forgotten. Reset Windows Password is the right software which can help you easily reset Microsoft account password by running from a bootable CD or USB drive."

Interestingly they do write genuine software that has been removing local account passwords for a while now.

Grand Master

+Eternal Tempest MVC

Posted
  • MVC
Posted

Windows 8 pushes users to make there windows profile using there Microsoft Live Account.

The way new user creation is set up is you have to go out of your way to make a standard windows profile like XP / Vista / 7.

Essentially if they used the default Microsoft was prompting them for, there windows 8 login is there Microsoft Live Account.

Sorry for using poor terminology to describe this. I know MS is deprecating the "live" branding as well.

Veteran

Shane Nokes

Posted
Posted

Windows 8 pushes users to make there windows profile using there Microsoft Live Account.

The way new user creation is set up is you have to go out of your way to make a standard windows profile like XP / Vista / 7.

Essentially if they used the default Microsoft was prompting them for, there windows 8 login is there Microsoft Live Account.

Sorry for using poor terminology to describe this. I know MS is deprecating the "live" branding as well.

You can just say Microsoft Account. That is the new term.

Grand Master

Detection

Posted
Posted

Does windows 8 really stores cached password of online Microsoft Account? If they does, wow, online account cracking just become much easier.

Not sure, but if it does I doubt they will be in plain text located on c:\passwords ;)

Enthusiast

jackkk1

Posted
Posted

Not sure, but if it does I doubt they will be in plain text located on c:\passwords ;)

No need to be in plain text to crack a password. Nowadays, cracking hashes of the password, even 8 symbol length, really isn't problem anymore. But it would be much harder to do on online website where captchas and other preventive measures exist.

Grand Master

Detection

Posted
Posted

No need to be in plain text to crack a password. Nowadays, cracking hashes of the password, even 8 symbol length, really isn't problem anymore. But it would be much harder to do on online website where captchas and other preventive measures exist.

It must store something because you can log in offline using your Live ID

Enthusiast

jackkk1

Posted
Posted

It must store something because you can log in offline using your Live ID

Yes, from one side, it makes sense otherwise they would have to deal with a lot of calls from users with poor internet connection, from other side, they sacrificed security.

Grand Master

Detection

Posted
Posted

Yes, from one side, it makes sense otherwise they would have to deal with a lot of calls from users with poor internet connection, from other side, they sacrificed security.

Agreed, to maintain security, having the user create a local & online account during setup would have been better, for cases when their connection is unavailable, they are logged into their local account instead

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • Creative Sound Blaster AE-X PCIe review: your headphones will love it

      By Taliseian · Posted

      I'm not sure about that, but it at least "does" a version of 7.1 that this brand new card doesn't....
    • Floorp 12.15.2

      By Copernic · Posted

      Floorp 12.15.2 by Razvan Serea Floorp is a cutting-edge web browser that combines the trusted foundation of Mozilla's Firefox with a unique Japanese perspective, offering users an exceptional online experience. This open-source browser prioritizes privacy, customization, and security. Floorp is transparent, with no user tracking or data sharing, and it's completely open source. With a strict no-tracking policy and full transparency, your personal information remains private. As an open-source project, Floorp not only shares its source code but also its build environment, inviting users to contribute and build their unique versions. The regular updates, based on Firefox ESR, ensure that you always have the latest features and security enhancements. Floorp key features: Strong Tracking Protection: Floorp offers robust tracking protection, safeguarding users from malicious tracking and fingerprinting on the web. Flexible Layout: Customize Floorp's layout to your heart's content, including moving the tab bar, hiding the title bar, and more for a personalized browsing experience. Switchable Design: Choose from five distinct designs for the Floorp interface, and even switch between OS-specific designs for a unique look Regular Updates: Based on Firefox ESR, Floorp receives updates every four weeks, ensuring up-to-date security even before Firefox's releases. No User Tracking: Floorp prioritizes user privacy by abstaining from collecting personal information, tracking users, or selling user data, with no affiliations with advertising companies. Completely Open Source: The full source code for Floorp is open to the public, allowing transparency and enabling anyone to explore and build their own version. Dual Sidebar: Floorp features a versatile built-in sidebar for webpanels and browsing tools, making it perfect for multitasking and quick access to bookmarks, history, and websites. Flexible Toolbar & Tab Bar: Customize your browser with Tree Style Tabs, vertical tabs, and bookmark bar modifications, catering to both beginners and experts in customization. User-Centric Web Experience: Floorp prioritizes user privacy and collaboratively blocks harmful trackers. Floorp 12.15.2 changelog: fix: reset tab drag state on dragend to prevent position offset (#2488) by @Ryosuke-Asano in #2497 fix(workspaces): hide split view wrapper when all tabs are hidden by @Ryosuke-Asano in #2495 fix(split-view): prevent stuck pointer-events:none after drag on web content by @Ryosuke-Asano in #2492 feat(design): add Gecko 152 CSS variable aliases and Lepton compatibility layer by @Ryosuke-Asano in #2494 fix(workspaces): exitOnLastTabClose no longer quits Floorp when closing the last tab by @Ryosuke-Asano in #2498 Download: Floorp 64-bit | 95.0 MB (Open Source) Links: Floorp Website | Github Website | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Microsoft confirms Windows 11 26H2 to finally get one of the most requested features

      By WaltC · Posted

      I can barely recall getting web results from a file search... I must've turned it off long ago. 26H2 is Insider's Preview build 26300.8697, which I am running, atm. It is not available for people running the standard commercial builds of Windows--only for the beta test Insider's group. But anyway, as mentioned in the thread, this feature has been around for a long time...
    • Microsoft confirms Windows 11 26H2 to finally get one of the most requested features

      By Fleet Command · Posted

      Speak for yourself. I saw it on Feedly, came here to read it, and did read it until the steps to activate. I skipped them to read the last paragraph. I knew it was probably not "the most requested feature", but knowing Neowin, I knew the article was going to talk about a feature nonetheless. I've seen Neowin in its best and worst.
    • I restored the default settings to Secure Boot. Big mistake

      By +Warwagon · Posted

      See if this article I wrote the other day works for you.

  • Recent Achievements

    • Dedicated
      Almohandis earned a badge
      Dedicated
    • Dedicated
      JuvenileDelinquent earned a badge
      Dedicated
    • First Post
      DrWankel earned a badge
      First Post
    • Reacting Well
      DrWankel earned a badge
      Reacting Well
    • Week One Done
      Supreme Spray LV earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      507
    2. 2
      +Edouard
      185
    3. 3
      PsYcHoKiLLa
      84
    4. 4
      Michael Scrip
      78
    5. 5
      Steven P.
      76
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!