verdy_p
Authored Comments
This only works if your Windows drive is not encrypted. If you have encrypted it using the storage option of Windows, you won't even be able to mount the volume correctly and edit its content from an external tool to clear the password stored in the SAM registry file, you first need the password.
It may also not work if the encryption password comes from the TPE module which won't allow you to boot from the external drive which was not first allowed to run as it was not signed.
But anyway it's good to signal users that their Windwos password is not a real protection for their data, and that it can be easily cleared in most cases: suppose your PC is stolen (or seized by the police/justice...), they know what they can do easily to enter your drive and get access to all the contents.
Also clearing a password this way may invalidate all access tokens that allow you to use some remote sites or storage that will need a new authorization, because the SAM database will no longer have the necessary access tokens.Your PC will then be "disconnected" from a secure corporate domain and you'll need to contact the domain admin to reauthorize your PC (and fbefore they accept to reconnect you they'll want to inspect your PC, and may force you to resintall it completely).
So don't do that to bypass the protections that have been set in a corporate domain against such personal use of a PC you don't really own and have no right to adminsiter yourself.
The "caret" is not even a metacharacter of the command line shell. It is a metacharacter used in programs you run from the shell, that use the given parameters as a regular expression.
This is not the same for "*" which is intepreted by the shell "patterns" (not regexps).
There's are more useful shell metacharacters:
- dollar ($) for the value of environment variables
- backquotes (`) in pairs for inserting the output of a subcommand into the command line of another command: this is my favorite just after the I/O redirectors ("|", "<", ">") as it captures an ouput only in memory without needing any named variable.