If you are unable to log into the system because the two-factor authentication (2FA) method or key is lost, corrupted or unavailable, or the user has forgotten the PIN code of the key or entered it incorrectly three times, or the Rohos Logon is set up to “require two-factor authentication for any user”.
The fastest way to restore login is to disable Rohos login component via Safe Mode boot. After Boot the computer in Safe Mode boot, open command line prompt and uninstall Rohos Logon Key or disable it manually by deleting file: c:\Windows\System32\rohos_cp_x64.dll
A unique USB Key for your Windows
First, remember that by default, the configured login key or 2FA method is unique for your system only. This has the following implications:
- By default, Rohos Logon Key application checks the serial number of the login key, and the program will not accept other keys for Windows logon. For example, if you have made a login key by using a regular USB pen drive for another computer with the help of the Rohos Key management utility , this key will not work by default on your PC. However this default behavior can be changed.
- Your Windows password is stored on the USB key only in encrypted form. Therefore, even if the USB key was not protected by a PIN code, it would still be impossible to extract your Windows password from the USB key.
In addition, Rohos Logon Key by default protects the computer in Safe Mode. Thus, if the user has selected the option “allow logon only via USB key” and does not have the USB key (it is corrupted, lost or reformatted, or he has forgotten the PIN code) then it will be impossible to logon to the system using standard methods.
The simple solution for administrators.
Launch your computer from Live USB and correct the registry value USB_Only_login = 0. Then login with using the password, and set up the USB key again. Correct the settings of the Rohos Logon Key application.
Basic recovery tools
Rohos Logon Key provides the user with a set of recovery features that will help to access Windows in emergency case.
- Setting the emergency logon, which makes it possible to log on without a USB key. How to set up Emergency Logon.
- Or create a second USB key to log on to your computer
- Rohos Remote config (from Rohos Management tools) on the Admin’s computer (if the computer is in Windows AD). Configure the workstation to login not only by USB key.
Tools for recovering system logon
The remainder of this article will discuss several options to restore logon, depending on the security settings for Windows and for your computer.
1. A home PC or notebook, not connected to a LAN
2. A computer connected to a LAN
3. A server or workstation in a Windows Active Directory network
4. When you do not know the password
Suppose that the USB key is not available for logon, but you do know either your own password or a Windows administrator password.
-
- A home PC or notebook, not connected to a LAN. The principle for recovery here is to uninstall Rohos Logon Key:
- It is necessary to start the computer under another operating system. You could boot it with a Linux Live CD (such as Knoppix Linux or Ubuntu Linux) or a Windows Live CD. Such a CD-ROM can be purchased in any shop which sells computer CD/DVD disks with programs.
- Then you need to delete the file c:\program files\rohos\welcome.exe (if you are using a Linux Live CD you will need to move into the windows partition using the program ‘mc’).
- Restart the computer in safe mode (press F8 during startup) and log on using your password.
- Delete the program Rohos Logon Key and resart the computer in normal mode. Logon with your password
- A computer connected to a LAN. You may be able to try two recovery methods, depending on the configuration of Windows Firewall on your computer:
- Connect to your computer using Remote Desktop;
- Delete the program Rohos Logon Key over the network:
- Click Start-> Run. Type ‘cmd’, and press Enter.
- In the black window, type “”net use * \\computer_name\$c * /user:Administrator”. Then you must enter your password and, if it is accepted, then a network drive will appear, containing the contents of the C drive of your computer. In the command above, you should replace “computer_name” with the name or IP address of your computer. You can replace “Administrator” with the name of your account
- Go to the network drive and delete the file \program files\rohos\welcome.exe
- Restart the computer in safe mode (press F8 during startup) and log on using your password.
- Delete the program Rohos Logon Key and restart the computer in normal mode. Log on with your password
- A server or workstation in a Windows Active Directory network. Here recovery depends on using a network version of the Rohos Logon Key program:
- Connect to a remote workstation using Rohos Remote Config
- In the option list, from the list “2-factor authentication control type” select ‘none’. Save your changes.
- Login target workstation and create another USB key
- A home PC or notebook, not connected to a LAN. The principle for recovery here is to uninstall Rohos Logon Key:
To unlock the USB key, locked after incorrecltly inserted PIN Code, open Rohos Logon Key application, Users and keys, select the key colored in red and click Unlock Key.
- When you do not know the password to any account on your computer, then you need to reinstall Windows in Restore Mode. Some Windows settings will be lost:
- Insert the Windows installation CD and restart computer (First boot device should be CD-ROM)
- Restart the computer from CD-ROM
- From the Windows Installation menu, choose Recovery Mode
How to restore Windows 7/2008 user icon
Sometimes because of corrupted Uninstallation process or due to system failure generic credential icons is get disappear from Windows login screen.
How to restore it:
- Login into Windows Safe Mode (Clean Boot). Hold F8 during Computer startup.
- You will be able to login as Administrator
- press Win+R and type “regedit.exe”. OK
- Go to HKEY_LOCAL_MACHINE\
“SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\ - Create New Key
{6f45dc1e-5384-457a-bc13-2cd81b0d28ed} - Restart Windows
Done.