This image is hosted on an Environmentally Friendly™ host.
I know, this is easier said than done for someone unfamiliar with this stuff, but maybe still good to know that this is an option in future:
You can prepare a “Linux Live USB” and select in the BIOS that it should boot off of that.
It’ll start a complete OS off of that USB, so you can access the hard drive (assuming you didn’t enable disk encryption) and at the very least backup your files, or sometimes even resolve whatever keeps you from accessing Windows.
Remember: Those were probably the times of a single computer at home and having a spare laptop somewhere ready for that is not the default.
I did actually remember that, but figured, they must have had some way of reinstalling Windows, too.
I guess, though, they might have had a physical Windows install disk at home. So, yeah, would have had to prepare a Linux Live CD before disaster struck…
CD? Windows 98 first edition was released on floppies. And Linux was not some simple thing. Red hat hadn’t even created yum and Debian hadn’t even created apt.
The late 90’s was a chore of library visits and 14.4k baud XModem transfer interruptions.
You can also create a Windows installer USB stick, boot off of that, and start its command line to access the files on the installed Windows system. There you can copy CMD.exe over the file path of the accessibility options app.
Then boot back to your installed system’s login screen and hit the button for accessibility options, which now opens a working command line logged into the installed system with admin rights. You can use that to reset your admin password.
This hack has worked in some form since Windows 3.11 .
This sort of nonsense right here is why infosec people warn about having physical access to machines
It’s not just because of nonsense, it’s more that it doesn’t really matter what you do - the only thing stopping someone with physical access to your machine is their level of determination.
At some point, there’s no stopping the laws of physics. Your data is physically stored there. You can do a lot to make it really difficult to access it, but the best you can do is full disk encryption with a sufficiently strong key, and only store that key on external hardware that isn’t accessible to the attacker.
Even then, you better make sure that your encryption key wasn’t hanging around cached anywhere in memory before you shut down your computer.
You can’t really prevent physical access to a machine. Using Bitlocker is a lot better recommendation, because it prevents this kind of attack in most of the cases.