Using a local account in Windows 10 or 11 is good for privacy. It keeps the account local and reveals less information and data to Microsoft.
One of the drawbacks is that you cannot easily reset the account password in case you forget it. In fact, apart from brute forcing or hacking your way back in, there exist only two options to deal with the issue:
- Answer security questions — This works only if you set a password during account creation and can remember them.
- Use a password reset disk — This option is only available if you created one in the past.
Most Windows users may not have access to these, however.
Security questions
When you create a new local account in the Settings app, you may add three security questions and their answers.
Note that this is an optional step, if you do not add a password to the account. If you do add a password, which you should in most cases, you are required to select three security questions and type answers for them before you may continue.
While it may be tempting to answer them truthfully, you may add to the security of the account by adding characters to it.
When asked about the name of your first pet, you may write Bello and be done with it. However, it may be easy to find out about the name of the pet or try common pet names. Add characters to Bello, say BelloX5, and you can be certain that guessing or knowing won’t get an attacker far.
You may also type random characters, but need a way to access these when you require them.
Creating a password reset disk
The second password recovery option requires a password reset disk. This needs to be created before you run into troubles signing in.
Note: you need an USB Flash Drive for that.
Here is how that is done:
- You need to sign-in with the local account that you want to create a password reset disk for.
- Insert a USB flash drive into the computer.
- Open the Start menu and type Control Panel.
- Pick Control Panel from the list of results.
- Type Create Password Reset in the Control Panel search box.
- Select Create a password reset disk from the results.
- Click Next to start the process.
- Type the current account password on the next page.
- Disconnect the USB Flash Drive in the end and keep it safe.
Anyone with access to the USB Flash Drive may regain access to the local user account. Obviously, you could encrypt the computer using a program like VeraCrypt to add another level of security to it. I highly recommend doing so.
What about you? Do you prefer local or Microsoft accounts on Windows? Do you have password reset options available in case you forget your password?
I don’t forget my password. It’s a combo of my old banks ATM card PIN code from 15 years ago and a fun word my friend made up when we were 10 years old. Only me and him know the word, and he died in 2013. Now, should I have a stroke and get amnesia, that’s another story. But then I just remove the ssd and pop it in another computer to access my files. Or use a linux live usb. Let’s face it, using an account password on a computer is not exactly safe if you have things to hide.
Using the most public personal information possible to secure anything is just stupid. Finding out someones mothers maiden name or what city they were born in is not that difficult.
I do use the 3 questions but I use the default ones and ignore what they say. I choose an unrelated theme and come up with three squential answers like dog1, dog2, dog3.
I also use non sensical passphrases instead of passwords. They are easier to remember and “the longer the stronger”. It’s basic math, you add a character and you’ve increase the strength.