5

One of the recommended methods for bypassing Microsoft account login during the Windows 11 OOBE is to attempt to log in using a locked account (no@thankyou.com being the most commonly recommended account to use). This causes an error on the server side that would then allow Windows to be installed using a local account.

Though there are other methods to bypass the login, such as the OOBE\BYPASSNRO method, some may prefer or need to use the 'locked account' method over others due to simplicity, time constraints or otherwise wishing to keep an active connection during setup (e.g. for preliminary updates). Using a random gibberish domain as opposed to a known, registered domain reportedly fails occasionally to trigger the server-side error allowing a local account to be used. I am already aware of these alternative methods, so I am not asking for them to be explained here.

In various discussions on this general topic, there have been security concerns raised about attempting to use a locked account tied to the owner of a domain such as ‘thankyou.com’ (which in this case happens to be Citibank).

As suggested in a comment in this question, could the domain owner be granted privileges remotely over an OS installed this way? Is there some facility in the backend of Microsoft’s servers that would allow for an attack vector like this?

Robotnik
  • 2,645
Brybeck
  • 150

1 Answer

7

I have done this many times using the following method.
It has worked every time for me.

I can't see a reason for using the method you describe, so if there is indeed a reason, please enlighten me. I certainly don't know everything.

Disable internet requirements

On the "Sign in" page, use these steps:

  • Use the "Shift + F10" keyboard shortcut to open Command Prompt.

  • Type the following command to release the current network configuration and press Enter: oobe\bypassnro

    Quick note: The command is a single phrase without spaces.

  • Computer will boot automatically, and you may need to start the out-of-box experience again.

  • Click the "I don't have internet" option.

@VolodymyrKotylo has informed me that an additional step is required, although I have not seen it myself.

"One more step is needed after reboot: "ipconfig /release" on the sign in screen. And after that press "go back" and you'll see the username input screen"

Source (even though I already knew how to do this, the person I scraped this text from deserves credit)