Sure, Windows has the option to switch any Microsoft Account to a local account, but you have to be logged into that account to perform the switch. The difficulty for us is that we can no longer remove the passwords for these accounts by deleting the hash from the local SAM. The marketing for this feature touts it as a way to synchronize settings across PC’s, more easily access other Microsoft applications such as OneDrive and Office, etc. With the release of Windows 8, Microsoft introduced “Microsoft Accounts”, which are essentially single-sign-on type accounts that authenticate against online servers rather than against the local SAM database.
I’m the only one here who cares for the command line, so I made a graphical version I called Owper that uses Petter’s registry editing library. This is a CLI linux/unix tool that can edit the Windows registry, and has builtin support for clearing Windows local account passwords. For many years a tool has existed to do this very thing: chntpw by Petter Nordahl-Hagen. In the past this hasn’t been a problem (as long as we weren’t working with a domain user) since it is fairly simple to delete the hashed user password from the Windows registry, in effect removing the password completely.
At the shop where I work, we are often confronted with folks who cannot remember their Windows login passwords.
