How do I access a system protected by the Windows Logon Agent in an emergency?

There may be situations in which it becomes important to bypass the Passly Two Factor Auth Windows Logon Agent to remove it. Some examples could include:

  • A defect in the agent causing logon failure
  • No access is available to the Passly Two Factor Auth Web Service, and offline caching mode is not enabled
  • Need to change the Override Password without logging in

These should be rare occasions and examples that should not be taken lightly. The purpose of the agent is to enforce strong authentication, and it significantly weakens that purpose when people take it upon themselves to unload the agent.
The Windows Logon Agent utilises a registry setting that loads the agent at boot. You can find that in the registry at 

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{00AB56B7-F30A-49E8-93E0-97D1F5E3C12E}

 

You can remove agent as well by booting into safe mode without networking or remotely connect to the registry and remove the registry key named above and reboot the computer.

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section