A colleague recently fell right between that proverbial rock and a hard place. He didn’t do anything wrong, but he knew the client made a bad decision.

His IT consulting client had a lone wolf Windows Vista system with an undocumented password. The client knew just enough to reinstall the operating system and, in the process, lose everything on the system. My friend learned about the adventure after the fact.

Here is what’s on the books: If the Vista system is on a network, the network administrator can reset passwords according to policy. Local user accounts are different; you need a password reset disk to reset user passwords. When you create the password, you should also save this information to external memory (most likely a USB flash drive), as follows:

  1. Go to Start | Control Panel.
  2. Click User Accounts and Family Safety.
  3. Select User Accounts.
  4. In the left pane, click Create A Password Reset Disk and respond to each prompt appropriately.

Without a reset disk, you can use the system’s administrator account to log on (if the user and administrator accounts aren’t the same) and reset the password as follows:

  1. Log on to the administrator account and click Start.
  2. Search on lusrmgr.msc and confirm or enter the administrative password.
  3. Double-click Local Users And Groups.
  4. Click Users and right-click the account that needs resetting.
  5. Click Set Password.
  6. Enter and confirm the new password.

(Note: This process isn’t supported by Windows Vista Starter, Windows Vista Home Basic, or Windows Vista Home Premium, but it’s not likely that the business machines you support run on one of those.)

The user will lose e-mail and encrypted files but that beats the alternative — reinstalling the operating system.

If the user account and the administrator account are one in the same (as was the case in this story) and there’s no reset disk, a reinstall is the next step. The client had no reset disk, and the person who had once known the password was long gone. Now creating the reset disk is a no-nonsense chore, but this system wasn’t even on the consultant’s radar. The client, not knowing any better, reinstalled and started over.

My friend bore no responsibility, but he did regret what happened because the reinstall was unnecessary. He could’ve gotten around the missing password, but the client didn’t know that.

The issue isn’t really the lost data, but that the client didn’t call for guidance. While the incident seems small in the overall scheme of things, it has given me something to think about. Have you ever been in a situation similar to my friend?

Get weekly consulting tips in your inbox
TechRepublic’s IT Consultant newsletter, delivered each Monday, offers tips on how to attract customers, build your business, and increase your technical skills in order to get the job done.
Automatically sign up today!