Reset Windows Password using Utilman.exe Trick

TL;DR

Run these commands from a command prompt in Windows Recovery, while in the system drive:

ren \Windows\System32\utilman.exe utilman.bak
copy \Windows\System32\cmd.exe utilman.exe

Restart and click the Accessibility icon on the welcome screen. Then reset the password from the command prompt that opens:

net user Username NewPassword

The “Utilman” Method:

On your Windows lock screen, there is an Accessibility icon in the bottom right corner. Clicking it launches utilman.exe (the Utility Manager), which gives you quick access to tools like the Magnifier and On-Screen Keyboard.

By booting into a recovery environment, we can trick Windows by renaming the Command Prompt executable (cmd.exe) to utilman.exe. When you click that accessibility button on the lock screen, Windows will launch a fully privileged Command Prompt instead, allowing you to reset your password in seconds.

Important Note: This method only works for Local Accounts. If you log in using a Microsoft Account (e.g., yourname@outlook.com), you will need to reset your password via Microsoft’s official online recovery page.

Step 1: Boot into Windows Recovery Environment (WinRE)

Since Windows won’t let you alter system files while it’s actively running, you need to boot into an external or recovery environment.

  1. On the login screen, hold down the Shift key on your keyboard.

  2. While holding Shift, click the Power icon in the bottom right corner and select Restart.

  3. Keep holding Shift until your screen goes blue and you see the Choose an option menu.

  4. Navigate to: Troubleshoot > Advanced options > Command Prompt.

(Note: If your system drive is encrypted with BitLocker, you will be prompted to enter your BitLocker recovery key here to proceed.)

Step 2: Swap Utilman with Command Prompt

Once the black Command Prompt window opens, you need to find your actual Windows installation drive (it’s often assigned a different letter like D: or E: in recovery mode).

1. Locate your Windows drive: Type C: and hit Enter, then type dir and hit Enter. If you see folders like Program Files and Windows, you are in the right place. If not, try D:, E:, etc., until you find it. Let’s assume it is C: for the rest of this guide.

2. Navigate to the System32 folder:

cd C:\Windows\System32

3. Backup the original Utilman file:

ren utilman.exe utilman.bak

4. Replace Utilman with Command Prompt:

copy cmd.exe utilman.exe

5. Exit and reboot: Type exit and restart your PC normally.

Step 3: Reset Your Password

Now for the magic trick.

  1. Once you are back at the normal Windows 11 lock screen, click on the Accessibility / Ease of Access icon in the bottom right corner.

  2. Instead of the accessibility menu, a Command Prompt window will pop open with System-level privileges.

  3. Type the following command to see your exact username:

    net user

  4. Now, type the reset command, replacing Username with your actual account name and NewPassword with whatever you want your new password to be:

    net user Username NewPassword

  5. Press Enter. You should see a message saying “The command completed successfully.”

Close the Command Prompt window, type in your new password, and welcome back to your desktop!

Step 4: Cleaning Up (Crucial!)

Leaving your system like this is a massive security risk, as anyone with physical access to your PC could open Command Prompt and change your password. You must reverse the process.

  1. Repeat Step 1 to boot back into the Recovery Environment Command Prompt.

  2. Navigate back to System32:

    cd C:\Windows\System32

  3. Delete the modified file:

    del utilman.exe

  4. Restore the original backup file:

    ren utilman.bak utilman.exe

  5. Type exit and restart your computer.

A Note on Windows 11 24H2 and Modern Security

While this trick still works on standard installations up to Windows 11 24H2, Microsoft has been aggressively implementing security measures that can block it:

  • Windows Defender / Tamper Protection: In some modern updates, Windows Defender may flag the modified utilman.exe as a threat upon normal boot and automatically delete or quarantine it. If the accessibility button does nothing when clicked, Defender likely blocked it.

  • Windows Hello PINs: If you usually sign in with a PIN, changing the local password via net user might force Windows to ask you to reset your PIN upon your next login.

The Ultimate Defense: If you want to protect your own PC from someone using this exploit against you, make sure to turn on BitLocker drive encryption. BitLocker completely encrypts your hard drive, preventing anyone from tampering with utilman.exe via the recovery environment without your master recovery key.