Should I Give Computer Password to Laptop Repair Guy?

Hi, my daughters touchscreen laptop had a cracked screen and I organised for the laptop screen repairer to fix it. He’s in another state so it’s picked up and returned by courier. I get a message asking if I had turned off the touchscreen function in settings because he said the screen isn’t responding. I can’t remember.

He said he can’t test the newly installed screen without checking if that function is turned off or not so he said I could give him the laptop pin for him to check settings. Otherwise he could send it back untested.

I’m a bit nervous giving him access to it but surely repairers need to have a level of access that involves tinkering with settings, what should I do?

Poll Options expired

  • 183
    Give him the password
  • 48
    Are you crazy


  • +7

    Is it a legit repair business or some random from Facebook?

    • Seems legit and professional in all dealings - and it was a business recommended on the forum

      • +24

        Seems legit
        recommended on the forum


      • +14

        You got scammed. Don't give pin. Didnt you see what happened to edison chen after sending his computer for repairs?

        • yep, he's going to get hunter biden'd

        • -2

          are we assuming OP's daughter (teenage?) has porn on the pc?

        • I remember reading the hacker saying on the forum he will be releasing more photos on a certain date. Everyone called him bluff and he did release it lol

      • +4

        Legit or not, touchscreen can be checked without a password .

        • +3

          Not if it's been disabled.

          Which is the whole point of the request.

          • +1

            @KSMLJ: Can probably just boot into a Linux Environment off a USB stick and check from there.

            • @thegieche: Doesn't mean the same settings would be running on the windows installation. It's a legit request I don't know why everyone is having a whinge.

              • @MrSammyMcG: True. It does verify that the repair of the touchscreen has been successful though.

                I guess it depends if the technician is trying to check that a physical repair was successful or to make sure OP’s windows is configured correctly.

                For me, Is be happy that the physical repair was complete and handle Windows myself. Not everyone is going to be happy with that level of support though.

            • +1

              @thegieche: Multiple live distros would work.

              Most laptops I've used have built in testing prior to boot that would show if it was functioning as well.

              Most important thing though is that you factory reset your device before sending it to a third party.

              I do repairs and troubleshooting at my school and for family/friends, I wish people would stop telling me their passwords. I can get into at least 10 people's work/private accounts. From there it would be pretty trivial to access other accounts (although many use the same password for everything anyway).

              "My password is xyz if you need it" No I don't need it, stop telling people your password. If I need it I'll ask you to type it in, no not tell me, type it in yourself.

  • +36

    Depends how old your daughter is and what is on the laptop. If she is like 12 and has nothing on there, then that is fine. But if she is like 18 and has photos of her friends on there, then maybe not.

    • +3

      Besides the point. When you are sending away or dropping off your Laptop or even a Desktop for that matter, always backup all your sensitive data & remove it [copy it onto another storage device, outside of the backup]. Even better, if you have a spare drive, just install that with a fresh copy of Windows [unactivated it fine] & put your main drive aside. They don't usually need the storage drive unless its an "possible" issue with the drive itself [corrupt/causing BSOD]

      In this way, you have nothing to worry about. Some people are really paranoid about a techie seeing their holiday pics.

      • +10

        In principle, yes, this is what you should do. But it doesn't help OP, who has already sent the device. For that matter it doesn't help most people with a defective device because they probably won't be able to do all that after the fault occurs…

        • +3

          Perhaps the technician could replace the HD, install Windows on it and check himself?

          Edit: just noticed Cheapasthebird made the same comment below already.

          • +3

            @S2: If I was an hourly-rate technician, that's probably what I'd do ;)

          • +6

            @S2: A better/easier option would be to use a live boot USB stick into a touch aware linux distribution

      • +4

        Some people are really paranoid about a techie seeing their holiday pics.

        But are fine with everyone on Facebook seeing those photos.
        Still, good advice.

        • +1

          "In this way, you have nothing to worry about. Some people are really paranoid about a techie seeing their holiday pics."

          What people probably should be paranoid about is that with their login password, the tech has access to all of their saved passwords to all the websites that they have visited and chosen to store. Especially if they haven't set up multifactor authentication for those sites. (or if they have enabled MFA bypass for multiple days). Trust is a big factor when it comes to techs.

          Most legit businesses and techs will probably follow their obligations and moral compass. However there are also plenty of weirdos in the world.

          In theory, the tech could swap out the hdd for testing without needing a password.. but that will involve extra effort, time and probably cost or they could boot an OS off usb for testing

    • +3

      Root kits and spyware exist, could be something to turn the camera on and report back to base.

      For the sake of postage I'd take the chance and post it back if it doesn't work to him.

      • +12

        IT Guy here. Honestly, it might depend on the shop, but this seems unlikely. The financial incentive (botnetting your machine) is minimal, and there are easier ways to mine user data than manual installation. Even when I've come across dodgy content when doing a job the last thing I want to do is view it.

        For security the tech should use a liveboot usb stick to get into a touch aware OS to do the testing.
        For speed the tech should ask for your passcode.
        For convenience they should have got you to log in and used a mouse jiggler to keep the session open.
        For simplicity they could probably run a diagnostic from bios to test the screen.

        Theres plenty of ways to approach the situation.

        • I'm taking about guy just being a pervert, he likely knows its for an underage girl. I work in cyber sec so perhaps unusually paranoid about this stuff and although I agree it isn't likely, unfortunately it also isn't without precedent.

          Good point they should just USB boot a live OS to test what they need to. If they insist, I'd either have them 1) reinstall fresh OS to test what they need to, or 2) send it back as is, and on the odd chance it doesn't work, back it up, wipe it, post it back to finish the job. In both cases wipe it again when you get it back.

          • @peterpaoliello: I get that, I'd taken it from the view of the guy sent it in to the shop and they didnt know much about the user. But 100% can see the guy being a creep and snooping from a cybersec point of view. I guess the counterpoint to that is that he can creep the machine without needing a password, but if he could do that he could also test the machine without the password?

            • @Intoxicoligist: Depending on the device i wouldn't expect he'd be able to creep on the device without the password, perhaps I've been in corporate too long not sure how prevalent disk encryption is in the home market.

              • @peterpaoliello: Oh god, the home market doesn't even know what disk encryption is. Bitlocker isn't on by default in win10 home, and no home tech will turn it on for fear that grandmas photos will be locked behind a forgotten password.

  • +9

    It seems a reasonable request to me.
    I assume you removed any confidential info from the laptop before you sent it for repair.

    • +24

      ASS U ME

      • +6

        How long have you been waiting for this moment. :D

        • Long enough to catch open mouth disease.

          • @drfuzzy: .
            His user pic checks out
            (it's not a toomur)

    • +1

      Yeah it’s only used for her school portal which itself is password protected, nothing to speak of beyond that. I guess the concern is not what might be downloaded or accessed now but malware, key loggers etc.

      • Do they access any of their social media accounts through this device?

        • +1

          No - too young to have any other than the school moderated social media which is through the portal.

      • +20

        Reimage it when you get it back to ensure there is no malware or key loggers on there.

        • +1

          That's provided he already has or made a System image before sending it, which he probably should have, but judging from his OP, he hasn't.

          Reimaging for you, me and many others is a piece of cake, but you'd be surprised how many has no idea what it is and how to do it.

          • @TilacVIP: Seriously, why would that be a surprise?
            It's like: you'd be surprised how many people can't make a souffle.
            Or: you'd be surprised how many people can't bleed the cars brakes.

            • @bmerigan: because I was replying to "geekcohen" who said to just re-image it.

              Why would it surprise me ?? It doesn't.

      • If the tech was this way inclined, he probably wouldnt bother asking for the password anyway.

  • +2

    This person owns a repair shop? Surely they have another device to test the screen in.

    • +16

      You would need an identical unit to test the screen in. A touchscreen and LCD assembly for a Dell Inspiron 3000 isn't going to work in a Dell Latitude 5000, for example, and even within devices of the same model, the manufacturer can sometimes source different displays from different suppliers which have different connectors.

    • +1

      Yep he said the screen tested ok on his test device.. but said the only way to be sure on my one is to check that setting.

    • +16

      Or he could boot it using an external drive (or different internal drive)

      I would be honest and tell him you have hesitations with giving him the password so if he boots with an external drive/live usb and the touchscreen works during testing, you'd be happy with that. Whatever touchscreen setting is set at the moment will be wiped when you reimage/wipe it when you receive it back :)

      • +7

        Yep, a professional repair person would have to hand a USB stick with a Linux version and all sorts of diagnostic utilities, including ones that would test the display more thoroughly than just in Windows. Sure you can lock a laptop down so it won't boot an OS from USB - but not unless OP has gone to some lengths to do that. Default Windoze configuration should cause no problem.

        • +7

          I would bet good money that the vast majority of PC support/repair people have never used Linux.

          • +2

            @abb: Does not have to be Linux. AFAIK, windows 10 can be run from a USB stick as well.

        • +2

          There is no guarantee that particular controller / touch device is going to work under linux.

          It's a huge, stupid dick around for them to boot linux and hope the screen responds.

          Furthermore OP isn't technical, if they get the screen back with this option turned off there's a chance they'll complain. The technician is doing everything correctly to avoid problems in the future.

          • -1

            @knk: Bizarre, knk - you clearly know nothing about operating systems.

            You boot with a Linux stick just to diagnose and repair. If the screen problem occurs booting into Linux, odds are its a hardware issue. If not, odds are it's a Windows problem. Simple. Though if you need to delve further Linux does have very good techie tools. When/if problem is fixed, you pull the stick out and reboot into Windows - no trace of Linux left.

            • +1

              @derrida derider: I know plenty and work in the industry.

              Fact of the matter is you have no guarantee the particular touchscreen controller will be supported under linux when you boot. It is not a reliable method to test this.

  • +2

    what's worst could happen, finding some pics of naked guys on your daughter's laptop ?

    • +1

      that would be suboptimal in and of itself. Also would be concerned about camera being hijacked.

      • +3

        that would be suboptimal in and of itself

        Even worst, when one of the naked guys someone who went to uni with.

        By the way, you thinking too hard. I got your point, its like you giving tradies your key to come and fix something, hopefully they wouldn't bug your house.
        But you have to trust the tech guy in a point, if you find out he bug the laptop, you know it's be him no one else. I assume, you getting this fixed by some reputable company. Your daughter's laptop isn't the only laptop they are fixing.

      • get her a camera cover/slider , costs few bucks

  • +8

    If you're worried about security, then back up the data when you get it back and do a factory reset. Change all passwords, which you should be doing regularly anyway.

    I don't think it's an unreasonable request for them to make sure the touch screen is working correctly (providing that it is, in fact, software/driver disabled). If you don't use the touchscreen, you can always tell them not to worry about it.

    • Wouldn't be easy to backup the data when screen is dead.

      • +1

        Cracked (not dead) screen has been replaced, only issue is that the touch screen isn't working on OP's windows installation, likely due to OP disabling the driver after it cracked.

        Once OP gets the unit back, they can back up and re-image if security is an issue, or take the risk of it not working properly after attempting to re-enable the driver.

  • +5

    You can log out out of Google remotely via another device if you want to prevent others from accessing Gmail etc. thru a device with an already logged in session.

    The same goes for Facebook

    and LastPass

    regardless of whether you intend to give them the password to your laptop or not, you should do this anyway when your laptop is no longer in your possession. It's good security practice to do this when you've lost/ misplaced a laptop or are getting it repaired by someone you may not trust.

    • +1

      That doesn't help if the password for the service is saved in browser (which most people seem to do).

      • Chrome stores passwords in your Google Account (if you have sync turned on). Wouldn't that mean that auto-fill won't work if signed out of Chrome?

      • but you still need to put in a master password for that particular site before it accepts it. At least in Firefox it's like that.

        • I'm using Firefox now and it doesn't do that for me (I store passwords for logins I don't care about - forums etc).

          • +1

            @macrocephalic: Master password is off by default. Go into Firefox settings to setup a master password.

      • do yous recommend Lastpass?

      • +1

        That's why you also change your password for those services so any locally saved password is useless.

  • +5

    It seems a reasonable request to me, you want to ensure the screen is tested etc before being returned.

    The repairer should have advised you they will need admin access to the machine etc.

  • +11

    First rule for sending a computer for repair is to remove all personal data and create an account so the repair people can get onto it.

    They should have told you this before you sent it in

    • +3

      I assume normally you can test a new touch screen at the log in screen without having password access, he probably didn’t anticipate the possibility that the touchscreen was disabled.

  • +3

    Can't they swap out HDD and boot to another copy of Windows or just boot from USB image, etc? If he's testing hardware, surely it doesn't matter if it's your daughter's account or not? Or is there a bios/boot style of password set?

    • +1

      Sure, you could spend a fair bit of time as a work around.

      What happens if OP didn't know how to re-enable it themselves as they can't remember how they disabled it the first time? Calls back and forth, couriering the laptop back to repairer again with potential freight damage (they're not going to allow them to remote desktop in, are they!). Who is liable? A twenty minute job turning into a two hour job, and a disgruntled client.

      Or, you know, get the pin/password from OP and see the driver was disabled, have it finished within minutes and know for certain that it's working with OP's installation.

      You do have to be careful, there's plenty of dodgy people out there. As stated above, this does sound like a plausible request and they're getting paid to do the job (providing it's a genuine existing business). Back up and factory reset if you don't know how to check yourself for programs that shouldn't be running, and checking antiviral/malware/ccleaner software. Reset passwords anyway.

    • -2

      You can't swap HDDs between machines easily, they care about what motherboard they are connect to. So repair shops can't have a test HDD lying around with Windows on it for example, because it would not work on any other machine than what they set it up for in the first place, it would need to be set up from scratch again each time it's put into a new machine. It's a much fussier option than it first sounds.

      • +4

        You could run hirens/ubuntu live USB/CD instead of replacing hdd/installing windows. That'll get around the Stop 0x7b to communicate to the hard disk controller. The repairer may have even checked this, but it's still not working on OP's installation. It won't fix the current situation if OP didn't know how to re-enable.

      • I've never used a touchscreen laptop, just figured you could boot to Windows setup or something like that to test it, or test it in the bios. Guess it's highly dependant on the laptop hardware/model/brand.

        Agreed @Kail, totally not suitable most of the time .I thought it might be a school supplied laptop, so in that case maybe the repairer saw a lot of that brand/model and could swap a HDD. But even then…

      • +1

        You don't need to, a very easy method is to create a "windows to go" usb drive and boot from it, and this will allow you to test the laptop. And it doesn't need to be setup each time you plug it into a new computer.

        • That sounds a lot easier than trying to swap an HDD, that's for sure.
          It wouldn't help identify driver or settings issues though, which it sounds like might be a problem for OP's laptop.
          I don't think OP can get around not providing the password, they'll just have to change it to something else when they get it back.

      • -1

        In Windows 10 you can it works almost 100% of the time, especially on current setups. Besides, it's easier to just install an empty drive and install a Vanilla copy of Windows 10 [unactivated will do]

  • +5

    so I've taken my car to the mechanic so he can fix the engine noise, should I give him the keys?

    • Only if you like GPS trackers installed ;)

Login or Join to leave a comment