How To Unlock a Windows PC

Yemi PeterYemi Peter
3 min read

So I dropped a reel on Instagram — nothing too wild, just showing how a locked Windows user account was accessed using a USB. No data wiped, no user deleted. Just plug in the USB, boot into something else, reset the password, boom — you're in.

So i’ll just go straight to the point.

Warning : It is forbidden to remove the password of a session without the consent of its owner.

🔧 What You Need

  • A PC (Linux, macOS, or Windows is fine)

  • A USB flash drive (at least 8GB)

  • Free ISO tool: Hiren’s BootCD PE

  • A USB flashing tool (like Ventoy or Rufus)

  • Basic understanding of BIOS boot options

    🚀 Step-by-Step Tutorial

    Step 1: Create a Bootable USB with Hiren’s BootCD

    On your second PC (Linux users: you’re good):

    1. Download the Hiren’s BootCD PE ISO from the official site

    2. Use Ventoy (Linux-friendly) or Rufus (for Windows) to flash the ISO to your USB

    3. Once done, safely eject the USB

This USB now contains a mini Windows environment with powerful recovery tools.

Step 2: Boot the Locked PC from USB

  1. Insert the USB into the locked Windows computer

  2. Power it on and enter the BIOS or Boot Menu
    (Usually by pressing Del, F2, F10, or Esc when it starts up)

  3. Change the boot priority so that it boots from the USB first

  4. Save and exit

The system will now boot into Hiren’s PE — a lightweight Windows desktop that runs from your USB.

Step 3: Reset the Password (Without Deleting Anything)

Once you’re inside the Hiren’s interface:

  1. Open the tool called "NT Password Edit" or "Offline NT Password & Registry Editor"

  2. It’ll ask for the SAM file — just navigate to the Windows partition (C:\Windows\System32\Config\SAM)

  3. The tool will list all local user accounts

  4. Select the account you want to unlock

  5. Set a new password (e.g., 1234) or clear the password field

  6. Save and exit

No files are deleted. You’re just changing the password from outside the OS.

Step 4: Reboot and Login

  1. Shut down and remove the USB

  2. Boot normally into Windows

  3. Click on the same user account that was previously locked

  4. Enter the new password (or leave it blank if you cleared it)

  5. You're in — all files, settings, and programs are untouched

🧪 How Does This Even Work?

This works because Windows stores login info in a local registry file called the SAM (Security Account Manager).
When the system is off, that file can be opened by other tools — like the ones inside Hiren’s BootCD.

As long as the drive isn’t encrypted (like with BitLocker), and you can boot from USB, you can edit that password offline.

You're not hacking the OS… you're bypassing it by editing its raw files.

0
Subscribe to my newsletter

Read articles from Yemi Peter directly inside your inbox. Subscribe to the newsletter, and don't miss out.

resetWindows

Written by

Yemi Peter
Yemi Peter

I’m Yemi, an ethical hacking and cybersecurity enthusiast on a mission to master the art of hacking—legally and ethically. This blog is my open journal: • Breaking down technical concepts in simple terms • Sharing tools, exploits, and walkthroughs • Documenting my learning journey from binary to buffer overflows Whether you’re a beginner or just curious about hacking, this space is built to help us grow together. Read. Learn. Hack. Connect with me: • Coding Journey: yemicodes.substack.com • Personal Growth Blog: affirmative.substack.com • Medium Writings: medium.com/@yemipeter