However I found a solution that will work if you've already completed installing Windows and setup a local administrator account. The answer from Scott looks like it should work (I didn't test it) if you have not finished installing Windows and maybe also when you are creating a new user. I finally came up with the correct search terms to produce a useful result. Since I didn't want to reinstall Windows to fix this problem unless there was no other way, I kept on looking. A potential hacker would have to open the case of the machine and put a jumper on the CMOS reset pins on the motherboard to wipe out the BIOS password to get in. Of course, someone can always change it back, so you must set a password in the BIOS settings to prevent that.Īt this point, you should be secure. You will have to edit the BIOS settings of the computer and disable booting from a USB drive if you are concerned about this. However, as noted in the above article, someone can still gain access to the account if they can get the machine to boot from a USB drive. To reset the password via this method, one needs to create a password reset USB drive while logged in as that user. Please connect a USB flash drive, and then try again." If someone puts in an incorrect password at the login screen, the "reset password" link will appear, but upon clicking it, they will receive the error: "This feature requires removable media, such as a USB flash drive. Once you're set up, press Ctrl-Alt-Del and change the password from blank to the password you want. You will not be asked for security questions. There is a way to avoid choosing security questions and answers when setting up Windows 10. I am hoping there may be something available in group/local policy that can be turned off in order to achieve the desired effect? My question is very specifically "How do I get rid of/turn off the option to reset a local account's password from the Login screen?" Let me be very clear, I am not interested in answers to either of those questions. I have been searching for the answer to this question but all I can find so far are results like "how to bypass the login screen" or "how to remove the login password.". I would like to know how to remove this reset link from the login screen, making it much more difficult for anyone to reset the password without actually logging in to the account first. The security questions you can choose from to protect the reset are "canned" and refer to very common or easy to come by information about a person and therefore are not very secure. This may be OK in a home/personal setting but I find this highly insecure in a business setting. If you're unfamiliar with the option I'm referring to, when I type the admin account password incorrectly once, a "Reset Password" link shows up below the password box which then allows me to reset the password if I provide the correct answers to the security questions that are displayed after clicking the link. At the moment I am still inexperienced with Windows 10 and configuring it securely so I'm not sure how to remove the password reset option from the login screen. The local admin account is the only account this PC will ever have. This PC needs to be as secure as possible and it will also never be attached to a Microsoft account. I've installed Windows 10 Professional on a PC with only one account, a local administrator.
0 Comments
Leave a Reply. |