Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / Languages / C++

Mobile Development – Reset Device Password

5.00/5 (1 vote)
17 Sep 2010CPOL1 min read 11.7K  
How to reset Windows Mobile device lock/PowerOn password

Sometime ago, I got a device locked with a password. As I needed to access the device using ActiveSync, I did some research and found the registry keys responsible for the device password:

HKLM\Security\SIM\6fb7
HKCU\ControlPanel\Owner\PowrPass

So I wrote a small application which resets the device password.

You can use the code in your application to remove the password protection of your device.

But how can you start the app, as you cannot unlock it? If your device supports a memory card, you can use the OS feature that start an app called AutoRun.exe in a special dir of the memory card. The special dir for ARM processor based devices is 2577. If you place the PassReset.exe as AutoRun.exe in \2577 of the memory card and then place the mem card in the device and reboot the device, the OS will automatically start the app. So you can start ResetPass without having access to file explorer, etc.

C++
// PassReset.cpp : Defines the entry point for the application.
//
 
#include "stdafx.h"

int resetPassworkLock(){
    int iRet=0;
    HKEY hKey;
    byte *pBuf= new byte[255];
    HRESULT hRes=0;
    DWORD dwType=REG_BINARY;
    DWORD dwCount=0;
 
    hRes = RegOpenKeyEx(HKEY_LOCAL_MACHINE, L"Security\\SIM", 0, 0, &hKey);
 
    if(hRes == ERROR_SUCCESS){
        hRes = RegSetValueEx(hKey, L"6fb7", 0, dwType, NULL, dwCount);
        if(hRes==ERROR_SUCCESS){
            RegCloseKey(hKey);
            hRes = RegOpenKeyEx(HKEY_CURRENT_USER, L"ControlPanel\\Owner", 0, 0, &hKey);
            if(hRes == ERROR_SUCCESS){
                pBuf[0]=0x00;
                dwCount=1;
                hRes = RegSetValueEx(hKey, L"PowrPass", 0, dwType, pBuf, dwCount);
                if(hRes==ERROR_SUCCESS){
                    RegCloseKey(hKey);
                }
                else
                    iRet=-4; //error in setValue for PowrPass
            }
            else
                iRet=-3; //error in OpenKey for ControlPanel/Owner?
        }
        else
            iRet=-2; //error in setValue for 6fb7
        RegCloseKey(hKey);
    }
    else
        iRet=-1; //error in openKey for Security/SIM
 
    return iRet;
}
 
int WINAPI WinMain( HINSTANCE hInstance,
                    HINSTANCE hPrevInstance,
                    LPTSTR    lpCmdLine,
                    int       nCmdShow)
{
    // TODO: Place code here.
    TCHAR *errStr[5];
    errStr[0]=new TCHAR[]=L"No error";
    errStr[1]=new TCHAR[]=L"error in openKey for Security/SIM";
    errStr[2]=new TCHAR[]=L"error in setValue for 6fb7";
    errStr[3]=new TCHAR[]=L"error in OpenKey for ControlPanel/Owner";
    errStr[4]=new TCHAR[]=L"error in setValue for PowrPass";
 
    int iRet = resetPassworkLock();
    MessageBox(GetDesktopWindow(), errStr[abs(iRet)], L"PassReset", MB_OK);
    return iRet;
}

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)