Reset Security Key Windows 10

1 view
Skip to first unread message

Shari Alvine

unread,
Aug 5, 2024, 1:22:55 AM8/5/24
to ittilassu
Ihave tried everything I can think of, I've had two friends who deal with IT problems look at my computer via shared screen with no luck. Since updating to Windows 11 I never noticed Windows Security would not open until recently, it's active and running in the background in Task Manager. I've tried the Powershell and CMD hotfixes, I've reset my PC locally and cloud but I have no restore or recovery points prior to the Windows 11 update. My PC is up to date on all firmware from Microsoft but Windows Security still will not open. Windows Security nor Windows Defender is not listed under my "Installed Apps" or "Default Apps" so I can't try a drop down repair on it. It does show within my Task Manager that there is Windows Defender engine running and in the hidden icons tab it shows Windows Security active. How do you fix this without having to lug your whole PC to a shop?

Repair Windows Security using DISM: Open Command Prompt as administrator and run the following commands: DISM.exe /Online /Cleanup-image /Restorehealth DISM.exe /Online /Cleanup-image /StartComponentCleanup






@ShahbazUbaid my windows license is already expired. and i am not getting any security updates ever since. and that is also the time where i noticed that my windows security app won't open. is it because of my windows license bein expired? do you think if i reactivate my license, it will solve my problem?


@TayDean It's early 2024 and I am in the same boat since the most recent update. In all their wisdom, Microsoft has removed Troubleshooter with this update and wants me to contact tech support. The last time I did that, I was 77 people away from help. I do not have that kind of time.



I've tried all the suggestions here except reinstalling Windows, which is a major hassle and would require hunting down the software I use for work and reinstalling it too. I had to do this once last week because a previous update crashed my computer. It created all manner of work-related issues.



This is really dumb and Microsoft should have fixed this already. But I'm open to more suggestions.


@ShahbazUbaid I appreciate the suggestion, but it didn't work. I'd actually tried it already along with a host of other suggestions found in other places, but thought I'd missed something. I did not.



I'm fairly sure I'm going to have to reinstall Windows again to fix this. It will have to wait until the weekend as I work full-time from home and this has eaten up far too much of my time as it is.



Exceedingly frustrating.


There is a big, complex directory structure on a relative big NTFS partition. Somebody managed to put very bad security privileges onto it - there are directories with randomly given/denied permissions, etc. I already run into permission bugs multiple times, and I found insecure permission settings multiple times (for example, write permissions for "Everyone", or false owners).


NTFS is a bit more fine-grained than RWX, so for this example, I'm just resetting the ACLs to default. If you have a specific collection of ACEs, please add them to your question. Also, if the drive permissions themselves are mangled, we'd need to fix those as well.


Windows Security is your one-stop security center to protect your Windows 11 device and personal data. However, there are times when you have to reset the Windows security app. It may be because the app is not working properly or, in some cases, not starting at all.


It's very important to have the Windows Security app enabled on your computer. It not only protects your local files but also keeps you safe online. But if the Windows Security app is not working correctly, you can reset it using the above methods.


A Microsoft Account is a "connected account" that is not tied to the device itself. A Microsoft Account can be used on any number of devices. Windows Store apps, settings, and data can be accessed from any device you sign in to using cloud storage. To purchase apps from the Windows Store, you must have a Microsoft Account.


A local computer account is an account that is created for a particular device. Information that is created or stored in that account is tied to that computer and cannot be accessed from other devices.


If you lose or forget your local computer account password, you must remember the password hint to regain access to the account (in Windows 10 version 1803 this is changed to security questions.) Alternately, another administrator account on the computer can reset the password. If you do not remember your password hint or security questions, you must reset Windows . This destroys any data, programs, and settings you have on the computer.


To reset your Microsoft Account, browse the Microsoft Reset Your Password site with any device that is connected to the Internet. You must supply some security information to verify that you are the owner of the Microsoft Account. You may also need access to the text-enabled phone number used to create the account.


Windows 10 supports creating a password reset disk if you do not want to use a password hint or security questions. For more information about this tool, see Microsoft KB article, "Create a password reset disk for a local account in Windows 10 "


The laptop would not boot but i could get to the startup menu using the escape key. When selecting to run the diagnostics the laptop went to a blank lit screen. I then removed and formatted the hard disk. The diagnostics then worked and the memory and disk checks passed. When trying to boot from USB the laptop would go to the blank lit screen again. I then opted to reset factory security and BIOS settings. This appeared to run ok. BUT now when i power up the laptop I do not get the prompt to press the escape key. I have tried a hard reset, i have also tried holding windows key and B, I have removed the CMOS battery but still nothing. The fan spins rapidly and the Caps Lock LED flashes white twice slowly. HELP!!!!!


Thank you for showing your interest in HP Support Forums. It is a great place to find the help you need, from other users, HP experts, and other support personnel. I see from your post that you are having issues booting the notebook. Don't worry I'll be glad to help you.


Many startup errors and other problems can be resolved by decreasing the amount of power stored in hardware components. Decreasing stored power is sometimes referred to as a "Hard Reset". Use the following steps to perform a hard reset on a computer:


3. With the power off and the power cord disconnected, press the power button on the computer for 5 seconds. The power light indicator on or near the power button might turn on briefly but then go out.


I have tried everything you suggested (again as i had told you in the original request that i had already performed all these fixes) and also think it is a hardware problem. Unfortunately I have thought this for some time but the seller of the product (Alcampo in Telde, Gran Canaria) would not accept there was a problem with the machine even though when the problems first started it was under warranty. The problem has got worse over time to the point where I now have a HP laptop that is 18 months old and is completely useless.


Hence, we would like to tune the alert in such a way that service account password reset should only get triggered if the same user account hasn't been created within last hour of the password reset event.


You're on the right track there. The issue I see with that is that if you were looking over a 1hr period for recent account creations, the password reset events at the beginning of your window might cause false positives due to account creations possibly being outside your search time range. You could address this by specifying a different time range inside your subsearch.


One way to address this is to have a lookup table of your service accounts (or ideally for security monitoring, all accounts) that has the user account creation date available. When the lookup matches the account id, the event will be enriched with the account creation date. Then you can do a simple eval to get the time difference for filtering. This should work as long as that lookup table is being updated more frequently than your alert's scheduled search interval.

The Splunk add-on for active directory has an ldapsearch command that can help you build this table -LdapSearch/2.1.7/User/Theldapsearchcommand#Examples

The example given is formatted for ingestion into Splunk Enterprise Security's Identity Management, but you could tweak it to your needs.


If you're working with tighter tolerances than the lookup option allows (like a real-time search) or insist on having it done in a single search, you could include the account creation events in your base search. Then use eventstats split by account to get your account creation info fields into the password reset events. The downside of this approach is that depending on the amount of events you're dealing with and how big the time window is, it could take a long time to run and maybe even hit time and resource limits.


In addition to the primary reset methods, advanced security measures should be considered to enhance the security posture further. For highly privileged accounts, using privileged identity management (PIM) can manage just-in-time access, reducing the risk of exposure. PIM enables granular control over privileged accounts, allowing administrators to activate them only when necessary, which minimizes the opportunity for attackers to exploit these high-level credentials. To explore more scenarios where mass password reset might be the best option, read through our technical post.


Implementing multifactor authentication also further strengthens security frameworks. Multifactor authentication is an essential component of basic security hygiene that can prevent 99% of account compromise attacks.1 When integrated with phishing-resistant authentication methods, together they form a formidable barrier against unauthorized access. This dual approach not only speeds up the response during security incidents but also reduces potential entry points for attackers. This transformative phase in cybersecurity shifts focus on reactive to proactive security measures, promising a future where digital safety is inherent and user interactions are inherently secure. An option to enable phish-resistant authentication is the newly released ability to use passkeys with the Microsoft Authenticator.

3a8082e126
Reply all
Reply to author
Forward
0 new messages