I LOST MY PASSWORD  (PW) !
To what?
         There  are 6 levels of Passwords to lose.  (including the very impossible Bitlocker™)
  1. BIOS +UEFI (see below HP BIOS Password issues)    <  (see fast track here)
  2. HDD Bitlocker encryption (hopelessly impossible and by "DESIGN !")
  3. Windows local login PW lost. (my page here, assumes you lost the USB spare key or never made one per Microsofts instructions, lost as is 100% totally lost PW and there is not a 2nd Admin account here to hack the 1st.
  4. Windows  7/8/10 live login PW only & cloud store . The  trick, of using another admin account #2 to cure lost account admin #1
  5. Web passwords, (like AMAZON or EBAY,  banking, etc.,  this be the endless list...  in all cases ask them for help.
  6. EMAIL , ask your ISP internet service provider, or if using web mail ask them.  (really this is just more of #5 above )
In the future, write your passwords down, on thin paper and put  it in a book (random) on a known only by you page number, ("Post-it-Notes(™)" are best so they can't fall out book rattled by thieves, grin!)
For casual (non financial)Online passwords (like forums or facebook, etc) use LASTPASS.(even BIOS BOOT passwords or bitlocker can be stored by you, using Lastpass secure notes)
To read your Lastpass secure notes go to any working PC on earth, log in to lastpass online, and read you secure notes on topic, like this "my w10 boot PW laptop#3" and/or, my Laptop4, bios Pw)
Gee LastPass ™ is free, why not use it , even only for this.? Login PW. only. (both bios admin and windows login , lots more...)
Store banking passwords only in your head, never write them down anywhere , not even allowing Microsoft or any browsers made to store any banking PW of any kind or even the login name or PW at banks.
There are 4 points of  view,  You, the Hacker or malware maker,the PC makers point of view and last your Goverment rules and point of view (we have NIST Rules here in the USA, year 2011 forward)

 HP (and others) BIOS password resets  (see BIOS PASSWORD LOCK  see photos just below
This is only complex due to so many classes of PC and the 36 years and vast generations of PC consumer or enterprise rated .  If you google wrongly, you get 11,000,000 hits on this, (reading answers wrong for your model PC)
The answer can be simple if you had asked your oem maker of PC how to do this, but alas todays new world order you must prove you own the PC first. (oops?)

The makers of PCs all changed there policies on PW resets.
 In most cases now, (modern) they maker of you PC will demand proof of owner ship. ( new laws and libility insurance dictates and more... even EU laws changed.)
History of PC security: (short story)
Really the old and silly practices of storing PW in the NVRAM, (called CMOS for short) with a battery is and was a total waste of time, and effort, say  it migt stop /block  only 9a 0 year old grandma's  
Most silly of all is PW-CLR jumpers, wow... patently dumb that was. but (common for decades and now GONE)
Next came the custom EEPROM flash chip password store. (custom designed by each maker of PC, no 2 same way)
Last we evolved to...

Then came H3LL , that thing called  TPM chip: ( dream chip to many and pure H3LL to those using it and not knowing what that means, it means don't use it and forget the Pass word.)
The BIOS(UEFI) admin passwords LOST, are  the most hard to cure starting in year 2012 (Windows 8 release soon)  The Password here is stored in a TPM chip (and has no reset) (my new desktop, DIY , has this chip but mine is turned off by ME)
My HP Elitebook has Intel® Management Engine BIOS Extension (Intel® MEBX)  , or AMT(tm) that allow me to use secret 3 answers to questions, HP calls this Intel-Anti-theft (in the BIOS security page)

(BIG HINT)My HP has 4 ways in to BIOS, (not bitlocker locked) BIOS ADMIN login PW, Finger print reader login,  HP SPARE Key login,  Intel-Anti-theft  asks 3 questions and you be in.
My HP if I lost the BIOS user PW, I go to BIOS ADMIN and reset the bad USER. ( ouch 2 passwords to lose )
The time tested practice of jumper resetting Passwords or removing the RTC coin cell battery are  USELESS on all ELITEBOOKS and PROBOOKS. (all enterprise level systems )
HP says,("request HP Services to use a secured HP service tool to reset the system to factory default.")  <<< what they do is send you a binary flash file SMC.BIN that resets only YOUR PC and never any ones elses.
Easy BIOS PW resets only work on consumer grade PCs, with  jumper clip resets or just  removing all forums of power and the RTC coin cell out for say 1 hours time.

How ever, if only  a  USER PW is set you can go in to admin bios login   and reset any user PW you want.  But not the reverse of this)
HP has policy, on Enterprise PC and Consumer grade and different rules.  In fact if you PC has TPM chip onboard, and you turn it on in BIOS (enabled) Then that PC is now under new rules.
BACK DOOR Dreams:
The consumer PCs at HP have a back door PW. (hit PW box, with enter key 3 times,  , see funny code like i59879876  , write that down , call HP and they give you magic password that works. (some $20 scalpers do this act too... I void them)
If the PC is a Business Enterprise  grade ( Probooks, and Elite books or Work stations) if done right there are 4 ways in, seen at BIG HINT ,above, and there are no jumpers ,nor does flat lining the CMOS  RTC coin cell do a thing here.
I will not discuss TMP chip hacks,  of any kind , the older flash chips that stored the PW in a simple EEPROM cheap serial  chip, can be hacked and can be replaced (pre coded)  But may brick your PC so I do not tell you how.
There are fleabay sellers sellig pre coded EEPROM chips to solder in,  good luck to you using that method.
The TPM chip is un hackable , really that is one of the goals, #1 TPM is not tamper proof ,hack proof, ,it is in fact super hack resistant. (from 1 to 100 grade,  jumper resets have 0 resistance, or say 25 grade for cmos EEPROM hack and 99 for TPM)
There are no grade 100 grade  systems, most or all things can be stolen and attacked in a lab. (of endless types) CIA/NAS .?
This chip can be Physically attacked, with 
hydrofluoric acid drip + SEM microscope,  or drills and the user may fix (hack) the chip, but the  BIOS sees that and bricks the system.
Really if data matters most, use bitlocker, the best systems are all inside the HDD, locked down inside. (read the white papers at SeaGate.com)

One more pesky window POP up at power on time. (this is a BIOS locked PC)
This I think is  DELL BIOS admin PW,  (stealthy and nasty) This one can be impossible to clear. This  can be a TPM chip or the Flashchip PW.


 
This is HP BIOS message , note the lack of HP marks !
 If you hit the enter key  3 times and get funny i12345678 code that means there is back door password cure. (never will you see this act, on any Enterprise  grade laptops, PRO or ELITE BOOK)
  If CMOS reset fails and PW jumpers fail and no back door, code shows up (i12345678) then you have TPM turned on.

Fast track? NOT? (sarc)  "Did you RTM first?" The maker service manual and for sure jumpers ?  This answer is 36 years wide, if you get my drift.
  1. You Googled for 3 days, and read the 11,800,000 hits of posts online (99% are lies then or NOW) and gave up. End the pain now, stop  using google for things like this. ok?
  2. You next opened the Desktop left side, found the jumper shown below, or you dismantled the laptop in to 25 pieces (breaking 3 cables) and found  no jumper there, at all. zero , nada.
  3. You pulled the RTC CMOS COIN CELL battery and all batteries and AC power, (even bought a new COIN) and left it out for 3 days, put it back and BIOS still PW locked.  (this did work on legacy PC for decades)
  4. You then wise up and  call your OEM (DELL.com or HP.COM) and they give you the correct answer, after all they designed it, built and shipped it. (amazing no?) bingo?
  5. The OEM my have a  PW, back door, (consumer grade cheap toy PCs; this is common )  Hit enter 3,times get a code ,tell the OEM this hint code and bingo a reset code password is sent to you. (modern ways and means)
  6. But no, your PC is not toy grade, but is Enterprise grade, (HP Probooks/Elitebooks) and HP sends you a SMC.BIN FILE and some very tricky instructions.
  7. Or all above fails and now you are at HACKING your PC. Good luck with that. (each if the 10,000 models of PC for 36 years are not the same, not by a mile and each one must be hacked on its own merits.
  8. Here is a Hack search. (oddly most examples forget you can NOT boot from anything at all, BIOS  locked this way. (admin BIOS password lost)
On most modern PC's only step 4,5,6 works. (In fact UEFI PCs even blocks booting to CD or USB by default (turn off safeboot and it will boot) but only if Admin PW is known.)

The most hard PCs are those built with W8 and newer Windows. (by design)
One document in the USA that covers this topic is NIST,  and new rules 2011 and up, on blocking hackers and malware, or as stated  "
Non-Bypassability "  This means you too, if you lost the PW.
Many PCs sold 2012 forward use these new rules.
In Europe they take this to heart too and add more., called European General Data Protection Regulation (“GDPR”).  (as they used to say, "This is not your fathers Oldmoblile", applies now.
Many folks today do not want their data stolen, even after the PC was stolen. (some folks use computers beyond gaming) but Bitlocker is a super  best solution.  Since 2008  and best with TPM chip'd systems (PC etc.)
In 2012 Bitlocker is solid as a  rock. (with Windows 8 up , UEFI +TPM) ! And is the wave of the future forward... (unstoppable)
See my 
comments on BL, here. , BITLOCK or HP drive lock.


Jumpers? were used for decades, but not now. (this would violate many laws now)
Legacy level 1 PW: 
(or any PWwith jumpers) If a desktop it only takes me 5 minutes left side case off, and looking at mobo for CLRPSWR or CMOS-clr or?
On those pesky laptops (notebooks and Pads) it can take an hour of labor to remove all cases , look for jumpers and the coin cell only to find out, IT IS NOT THERE AT ALL those jumpers, the COIN cell will be. (save a few old Toshiba's < avoid them)
The generation shows code in the PW WINDOWS,  when answered 3 times wrong.  Its code only hackers or HP can use.
Here are some consumer PC grade, backdoor decoder reset web sites,  Here-1, and here-2 or here-3.
ProBook 440 G2
This is one of 1000s of photos at HP for 1000s of mother board listed on HP support site.

This is and example of the most easy way to reset a BIOS PW. (mostly legacy now)

Example #1:  of an old HP PC that has jumpers.
Finding the correct jumper is not hard if present.
The best way  to do this is learn to read the manual, RTM, the HP web site ,shows the motherboard pages for your PC on those pages are the jumper shown, (most times at HP it's not in the service manual at all)
LOOK for the words, CMOS , PASS, PW, Clear, CLR,  and CLR-PSWD, Clear CMOS with white silk screened painted letters as seen above.
Some PCs respond (old) to just pulling the CMOS RTC VRAM COIN CELL BATTERY.  (all power removed, no batteries remain no power cords attached, and  push power button on dead PC  now then wait for 1 full hour)
This COIN cell trick only works on OLD gen 1 PC, with passwords stored in the NVRAM.  (some call this CMOS but is  not just one word, that is lazy talk, it's CMOS NVRAM, that is what it is. (the V = volatile)
The NVRAM forgets only if all power is dead. 100% dead (on my laptop there are 4 power sources, (AC pack, COIN, BIG Li-battery1, and BIG battery2 in the DVD bay (options I have). 
On some Laptops there is docking station, remove  that  first, as some have a battery or power there or both. (a 5th and 6th power source, amazing no?)
Desktops have only 2 power sources, PSU and COIN.

The only reason to read the below is because  you never read your Service manual or asked HP for help)
The below are GENERAL RULES:   there are 1000's of PC designs so RTM !
  1. Enterprise PC (say a ProDesk or Elite...) has 2 ways, to reset (not counting TPM) The CLR_PSWD jumper, if this feature is turned off , you must call HP and get the SMC.BIN file to reset it.
  2. Consumer PC (Pavilion?) Backdoor RESET  (if you see halt codes this) with PW field blank hit enter 3 time,  if you see halt code, this is what I call a   BACKDOOR PC.
  3. The   CMOS MOBO JUMPER reset, (this empties out the CMOS NVRAM.  (works on most older consumer PCs and some Enterprise if this feature is enable in BIOS setting)
  4. Kill all power way(I call this the ZERO POWER method) All power sources must be killed dead, in all cases and the CMOS RTC/NVRAM battery coin cell pulled.(wait 30min at least and reverse)
My 2010 PC has the TPM chip but is turned off in BIOS, if I turned it on (I NEVER WILL) then if you use the TPM chip and forget the PW your are mostly screwed.
 
The relationship of UEFI and TPM is explained super well here by IBM , in one page.(thank you  IBM !)
BIOS used to be simple, and some PC's now have up to 8 updates just for UEFI, because it was so buggy.
Some PCs like mine are 1/2 UEFI enabled, much easier to deal with; mine is year 2010 HP .  8540w  (my vacation only PC)
For most consumers it is best to keep TPM and BIOS passwords turned off,  unless working for CIA (haha) or have Data on you PC that is Secret/ designs / Art forms or other creative content that can not be lost or seen)
Or you work on projects with non disclosure agreements signed and TPM is mandated. (or bitlocker even more serious)
Before using this feature learn the Pro/Con's. The Con is, you lost the Password , now what do we do.? (crying towel if TPM is enabled)

TPM PW lost: (Trusted Platform Module {chip})
HP direct intervention. (with a custom BINARY FILE SMC.BIN)   Is one cure. ( use HP chat to learn this, and prove ownership... can you?)
This is not by accident it is by Design, you turned it on, now forgot the PassWord and you  or the thief  are now  blocked...

 
Examples of the newer PCs and how to deal with lost BIOS (or UEFI) passwords.

Warning do not  watch utube jockers /hackers, shorting out TPM chip pins to reset BIOS,  "the rule of electronics is never short things and for sure  things you do not UNDERSTAND"
It can work this, if you are at wits end,  1 minute before putting said MOBO in the trash can ,it is ok to short the 2 pins, but never short to the VCC pin ever. (that means you need to read your chip data sheet first, if and only if you know which chip is IT)
In most cases they short the ground pin to 1 of 2 serial lines. (of EEPROM _ a serial EEPROM)

First off enterprise PC by HP are called by 2 prefix names "PRO..." and Elite..." Probook, Prodesk and the like. (Desktop PRO is called WORKSTATIONS)
If you see those 2 words for HP, passwords can be near impossible to reset.(lacking HP direct intevention and help)

In the case of HP, ? why not just ask them first?,  Here read this page, covering how to deal with TPM chip,  in the OS and in BIOS.

I will now assume this PC is not a Backdoor PC.(consumer grade) nor will battery (zero power) resets work. (all clear jumpers are not there)
The process is per below if the TPM chip is not enabled.
This process can change at any time at HP or DELL or whomever OEM made your PC , if they decide to not do this in the future that is their call, or decide to end this practice on your PC after it is 10 years old.
In  a nut shell the steps.
  1. GAIN the PC makers premission first, called getting elevated support,  some business owners have support contract, or you can buy and extended warranty and gain permission more easy.
  2. The Pro/Elite book/desk PC's needs a   SMC.BIN file, Binary flash program to load that, and it resets the TPM PW  Send your BIOS F10 info page per below.  (I print mine out)
  3. The BIN file you receive must match you UUID,  and will  not work on any other PC on earth !  Just your UUID matched PC works here.
  4. HP then sends instuctions on how to perform the reset. Some PCs have  HP_tools folder with SMC.BIN already there, (my guess older Enterpise PCs only)
  5. That means if you stole the PC, and the real owner reports this to HP, then you will never get the SMC file , no way. (foiled you are)
  6. The UUID is a digital form a  PC serial number that only your PC has, 100% unique. 
  7. If you don't like this feature, then don't buy Executive level notebooks or Elite/Prodesk PC, or simple turn it off. (in the cases of TPM , you need to tread lightly here,.
The BIOS PW feature  is a trap, if you failed to backup the days data, to external medium then you turn off this PC , you may never get back that days work.
The BITLOCKER feature is also a trap in the same way.
Learn to write down your Password, put the small paper (post-it notes rule here) in a book only you know, and the page only you know. (or learn to uses SECURE NOTES HERE)

To get the UUID, boot PC and hammer the F10 key and go to the BIOS INFORMATION page, it is there, on all HP PC.
Be sure  to tell HP your  full F10 page data, make , model, UUID on that F10 Page.
My newer PC 2010 , is hammer ESC then hit F1. Seen below photos.

UUID =  (HP once sure you own SAID PC, will ask this number or even as step 1) (only your PC has this unique to you, huge serial number)

A universally unique identifier is a 128-bit number used to identify information in computer systems.
3.4028236692093846346337460743177e+38  , combo's (that is in scientific notation)

The most hard of all PCs to reset the Password, requires a SCM.BIN file to be burned into the BIOS memory (a reset ) only by asking HP. (telling HP your service tag data  or all seen on the F10 page)
here; by country.
http://welcome.hp.com/country/w1/en/contact_us.html
or chat
https://support.hp.com/us-en/contact-hp

AGAIN THE  TPM TRAP.

In the case of HP, ? why not just ask them first?,  Here read this page, covering how to deal with TPM chip,  in the OS and in BIOS.
MY F1 screen. (Go into BIOS , and when there hit F1 key) bingo INFORMATION PAGE.


On newer HP PC's they deleted the SERVICE tag stickers, and only use the above F1 data. (so if the screen is dead, you are screwed, nice no? I call them marketing PUKES)

End BIOS issues .

Local Windows OS  Password, I will not cover all 14 versions of windows. no.
Before Hacking , backup your data first !
The best hack we are told is the linux hack, using chntpw  (change NT Password) works windows 8.1 and older. OS. (it just changes it and does not need to guess the old one first)
The offical statement from MS is to reload the OS,  (after all would they teach how to steal other persons private data? answer, no!, why would the?)
Each year the OS get more difficult.  (if running relic and dead, now, XP or VISTA use google to hack it, these old OS are child simple  easy to hack. )
  1. Didn't write it down?   oops1
  2. Did you make a password recovery disk,  day 1,?  no? oops2.
  3. Now are you going to reInstall the OS? no? (the MS offical way)  HP F11 key fixes this, HP recovery 2006 to today.
  4. We land squarely on hacking. I will assume w7 or newer. (XP is dead and a virus magnet.)
  5. Have a working ADMIN account , use that to change the account that is locked out.
Windows 7 HACK.  (no virus way is " copy d:\windows\system32\utilman.exe d:\" A.K.A; the login page, exploit !
W7 has  login screen exploit that allows manual hacking of 1 file to get ADMIN (cured in later releases, dig?)

W8 near same as above.

In all cases Ask Microsoft.com first for help,  if they say, reload the OS then there you go, and most pages at MS say just that.

Next is: (local login's)

W10 , after many updates and newer builds can be very hard to hack , even impossible,  Some methods below are not free.   (and after the 2-Aug.2016 update most methods now fail ,due to AES128 encryption and HASH)
Learn one thing about W10 now, it is a moving target, at any time any day, MS can fix Password hacking methods, I say count on this.!
Windows 10, as of  2-Aug2016, updated (as all are now)uses  NTLMv2,  ASE128+MD4  encrpytion hashes now in the  SAM.
(That means All old  cracking disks (tools) now all fail .  ) 12+ character complex passwords  have all been harder to crack.
As will bitlocker.
Attacking the PC,  using  boot disk of any kinds, can be foiled. (even to you ,  lost PW)
UEFI  PC , and  safe boot  turned on,?  plus  BIOS passwords  protecting this. FAIL.
Then bitlocker on,  encrypted  HDD/SSD boot drive.(FAIL)
If  you did manage to  steal the  SAM file, good luck cracking it. (Copied to a usb  stick and attack  it  on  another  PC?.)
Many tools do not work now, below  is a list ... I do not know if they work, for sure after July 2016.



The W10 hack site 1:

The W10 hack site 2:

I don't do hacks, but you can learn to WEB SEARTH  it.

Keep in mind if the HDD uses the MS or HP encryption feature, I bet all the above fails...  (by design!)

The HP has F11 recovery partition that gains access to the installer and command prompt. (if you need to do that to hack)

The Microsoft home page for W10 down load will burn any DVD or stick with W10 installer,  (takes no retail COA key like W7 does, to DL it., so .... do that.)

Next time learn to write this password down on paper, and put the paper, in a book only you know, and page only you know. (I use PostIt notes so the slip of paper can not just fall out of my book)
All this is done  to protect your data,   even banking transaction data, etc...
If you can login (before) with no internet connection, then the above is true, you are local, but if you could never login, with the internet dead, then the below is what you have. (you have LIVE)

LIVE: (not local as shown above)
Rule #1, only microsoft can help you here, nobody else can hack microsoft online servers.  For sure not you.
The Microsoft live login , (if you said yes during the install of W10 then you are using  the Microsoft LIVE CLOUD login,  to reset that , as millions have is there.)

Cured only by going to microsoft live and doing  request there.                       And this MS policy page.
If these answers on the above line fail you must call microsoft on the telephone (Cell phone/CELL) and ask for help. (be ready to pay CASH)
  • In the USA, (800) MICROSOFT (642-7676)
  • In Canada, call (877)568-2495
  • In India, contact 0008004402130
  • In UK, contact 0800 026 03 30
 
 The below is fake  live.com login example, only you know your, live email login password.  (next time write it down in a secret place only you know, hide it in a book? only you know and page #?) 
W10,  the cute blue squares are you owly clue here.  No words saying this is Microsoft Windows 10. But it is Windows for sure, as it shows.
This is a live login, not local at all.  (always keep this fact in your head if  true)
Microsoft has many older live login ways, hotmail, office login's and Xbox 360 login's.
Commonly it can be your  hotmail.com, live.com, webtv.com, msn.com, or other Microsoft-provided email address is already your Microsoft account.
Even owners with Office 365, have an office email account that can work as the W10 login.
Do you use the Microsoft Store [y/n]?  if yes you  have an  account there at Microsoft.
Do you use the Microsoft Cloud? same deal as the store.

Only you know how you login, like see above, it is live.com (or the MS cloud login)
The MS page on this is here.(the CAN'T LOGIN PAGE)

Next time learn to write this password down on paper, and put the paper, in a book only you know, and page only you know. (I use PostIt notes so the slip of paper can not just fall out of my book)

All Microsoft Windows, have a login screen. It even says W7 clear as day here.
Here is set of failed login password screens,  a running list of all possible screens, on topic.
W7,  login,  you can have say 5 or more users here, with there own ICONS , and own PW. 
The solutions are only 3,guess all day, reload W7 from scratch or go online and find hackers that can hack it, and it can be hacked.
This is a LOCAL login only.









Bitlocker,
locked. (this too happens before Windows does squat.  (if you get this one below and lost the PW you are toast.  you will not break the 256bit AES encryption here.) (sure you can guess )
Note how nice , it told you it's bitlocker asking, what  brillant idea that is.
On paper, 2256 may seem like a normal number, but don’t you dare underestimate its power.(ti.com calculator shows, 2 to 256 power is 1.16-E77 decimal combo's.  Below is unrounded number)
 256-bit will have 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936 (78 digits) possible combinations.
No Super Computer on the face of this earth can crack this. it will take millions of years to do so.  (not saying if you got one PW letter wrong say  L is l and bingo works. ok?)
Do not think for a moment the software below  lets you guess at  10,000 times a second, IT DOES NOT.
Aka, HDD encryption.  Some newer HDD do this inside the HDD itself, and is not crackable by design.
Notwithstanding, say your Bitlocker PW was your moms maiden name,  say it's "lovelace",   If you think you got the L wrong on one or both,  you  need 4 tries total on the L upper and lower.  (l + l , L+L , L+l and l+L) (only a human can know this and make it easy)
If you don't know the PW name at all, (clueless) or letter total character counts,then guessing is IMPOSSIBLE HERE. Most modern software forces 8 char. passwords, mininum so "ME" is not allowed.
Like this doozy from Lastpass ($&A3PiX9G1#qEW5xHLkB) I use similar... and I do love lastpass.com (big time love) try Secure notes there !!! use it or write them down.
Btw I never write down banking PW nor Usernames at same,  all are in my head.
Only human can solve bitlocker,  if you know that say 1 character is wrong, only then work just that 1 digit, L upper L lower is (l)  or mixing up 1 for l or L.  Only you know this, and only you. (if not you are doomed.)
If your bitlocker pw was 1234567890 then its easy, but not if it is "v%Ajn255$RBq" 
Using a dictionary attack on modern PCs, and OS,  is mostly a failed idea,  they now use long delays, in the GUI to prevent rapid automated guessing
The only attack that works well is finding the actual encryption password file (some are secret) and attacking it off line. 
That is why HDD now have the encrption engines inside the HDD logic chips where YOU CAN'T GO.

 These comments are only mine, and mine alone and are only OPINIONs. The real truth is all this STUFF varies by the year and make your PC .

version 2  .  8-1-2017  .   revised for more PW examples 6-20-2018