P3 · Endpoint & Device Management

Windows 10/11 Login Failure Due to Forgotten Local or Microsoft Account Password

Q: What causes Windows 10/11 Login Failure Due to Forgotten Local or Microsoft Account Password?

User forgot their local Windows account password • User forgot their Microsoft account password linked to Windows login • Password changed remotely by administrator without user notification • Local account password expired due to policy enforcement • Caps Lock enabled or incorrect keyboard layout causing all entries to fail

Users who have forgotten their Windows 10 or Windows 11 local or Microsoft account password receive a 'The Password is incorrect' error at the login screen and cannot sign in. Recovery paths differ depending on account type: Microsoft accounts can be reset online via account.live.com, while local accounts can use security questions, the Windows Recovery Environment, or offline password reset tools. The utilman.exe CMD replacement technique provides a last-resort offline reset for local accounts when no other options are available.

Indicators

'The Password is incorrect' error displayed on Windows 10/11 login screen
User cannot sign in after multiple password attempts
No security questions available on the login screen for local account recovery
Account locked out after repeated failed login attempts
User reports password stopped working after a remote reset or policy change

Likely causes

User forgot their local Windows account password
User forgot their Microsoft account password linked to Windows login
Password changed remotely by administrator without user notification
Local account password expired due to policy enforcement
Caps Lock enabled or incorrect keyboard layout causing all entries to fail

Diagnostic steps

Confirm Caps Lock is off and the correct keyboard layout is active on the login screen before attempting any recovery procedure.
Identify the account type: if the username displayed is an email address, it is a Microsoft account; if it is a plain username (e.g., 'John'), it is a local account.
For Microsoft accounts: click 'I forgot my PIN' on the login screen, or on another device navigate to https://account.live.com/password/reset and follow the online reset flow using a verified email or phone number.
For local accounts: click 'I forgot my password' on the login screen. If security questions were configured during setup, answer them to set a new password without additional tooling.
If no security questions are available, boot the machine from Windows installation media (USB/DVD) and enter the Windows Recovery Environment (WinRE) via Repair > Troubleshoot > Advanced Options > Command Prompt.
In the WinRE Command Prompt, back up and replace utilman.exe with cmd.exe: run 'copy c:\windows\system32\utilman.exe c:\' then 'copy /y c:\windows\system32\cmd.exe c:\windows\system32\utilman.exe'. Reboot into Windows normally.
At the login screen, click the Accessibility (Ease of Access) icon to open an elevated Command Prompt. Run 'net user <username> <newpassword>' to reset the local account password, then sign in.
After regaining access, restore the original utilman.exe by booting back into WinRE and running 'copy /y c:\utilman.exe c:\windows\system32\utilman.exe' to close the security bypass.
As an alternative to the utilman method, boot from a third-party offline password reset tool (Offline NT Password & Registry Editor / chntpw, or Lazesoft Recovery Suite) to clear or reset the local account password without Windows media manipulation.

Resolution path

Verify Caps Lock is off and the correct keyboard layout is selected
Determine whether the account is a Microsoft account (email username) or a local account (plain username)
Microsoft account: initiate password reset via account.live.com/password/reset from another device
Local account with security questions: use the 'I forgot my password' link on the login screen and answer configured questions
Local account without security questions: boot from Windows installation media and open WinRE Command Prompt
Back up utilman.exe, then replace it with cmd.exe to enable elevated CMD access from the login screen
At the login screen, click the Accessibility icon to open CMD, then run: net user <username> <newpassword>
Sign in with the newly set password
Boot back into WinRE and restore the original utilman.exe to close the security bypass
Alternatively, use Offline NT Password & Registry Editor or Lazesoft Recovery Suite bootable media to reset the password offline

Prevention

Configure security questions for all local accounts to enable self-service password recovery at the login screen
Link local accounts to a Microsoft account so online password reset is available
Store all credentials in an organisational or personal password manager (e.g., Bitwarden, 1Password)
Create a Windows password reset disk (USB) via Control Panel before a password is forgotten
Enable Windows Hello PIN or biometric authentication as an alternative, easier-to-recover sign-in method
Maintain at least one secondary local administrator account on each machine for emergency break-glass access
For managed endpoints, ensure LAPS (Local Administrator Password Solution) is deployed so IT can retrieve a current local admin password without user dependency

Tools

Windows Recovery Environment (WinRE)
Windows Installation Media (USB/DVD)
Command Prompt (cmd.exe)
net user command
Offline NT Password & Registry Editor (chntpw)
Lazesoft Recovery Suite (bootable)
Microsoft Account Password Reset portal (account.live.com/password/reset)
Utilman.exe replacement technique

References

Windows 10Windows 11forgotten passwordlogin failurelocal accountMicrosoft accountpassword resetaccount recoveryWinREnet userlocked oututilmanchntpwLazesoftoffline password resetendpointself-service recovery