Should I Give Computer Password to Laptop Repair Guy?

Hi, my daughters touchscreen laptop had a cracked screen and I organised for the laptop screen repairer to fix it. He’s in another state so it’s picked up and returned by courier. I get a message asking if I had turned off the touchscreen function in settings because he said the screen isn’t responding. I can’t remember.

He said he can’t test the newly installed screen without checking if that function is turned off or not so he said I could give him the laptop pin for him to check settings. Otherwise he could send it back untested.

I’m a bit nervous giving him access to it but surely repairers need to have a level of access that involves tinkering with settings, what should I do?

Poll Options expired

  • 183
    Give him the password
  • 48
    Are you crazy

Comments

      • +1 vote

        Or an unsolicited photo in the glovebox

    • +1 vote

      Yes give the mechanic your keys.

      But would you leave a lifetime of personal emails and chat history, thousands of personal photos, all kinds of passwords, and a random mix of other confidential information, banking, bills, contracts, etc all sitting on the passenger seat?

  • +12 votes

    You sent him the laptop to fix, and now your concerned about giving the password?

    he can remove the HD and stick ti in a external case and go through everything now…

    how do you expect him to do his job without it?

    • +3 votes

      he can remove the HD and stick ti in a external case and go through everything now…<

      Really? I didn’t know that, even if it’s password protected?

      You sent him the laptop to fix, and now your concerned about giving the password?<

      Which is why I’m asking here. I didn’t say no I’m just getting advice. He didn’t ask for it upfront as part of his procedures, there were lots of instructions but no reference to password or admin access.

      • +12 votes

        Bitlocker is not enabled by default in Windows. So unless you enabled it, the repairer can already access all the files on the device if they wanted to. They could also bypass the login, but they are of course going the legit route and just asking you for permission.

      •  

        Really? I didn’t know that, even if it’s password protected?

        Are you sure it's protected, I mean, you can't even tell him if the touch functionality was disabled. How do we know the admin password isn't just the word 'password'…

    •  

      he can remove the HD and stick ti in a external case and go through everything now…

      Easier to just use a live boot OS to access the files on the main drive.

    •  

      Not if its bitlockered.

  • +13 votes

    I fix laptoip screens at my work, some replacement touchscreens use different components and will need the driver updated for the touch to work. password requrest 100% legitimate and required to login to check this.

    •  

      If it's a corporate environment, isn't this what your admin password is for?

      •  

        Depends if its BYOD or not I guess.

  • +11 votes

    Computer repair services have ethics to abide by, such as not going through others personal information, but on the flip side, if they find something like child pornography on your PC, they have a duty to report that to the authorities. Password is needed to test full functionality of the screen

    • +1 vote

      If OP's daughter is under 18 and has compromising photos of herself or her BF on the laptop and the tech stumbled across this. Then would they be obliged to report it to the authorities? And could OP's daughter be charged for producing CP? Perhaps OP needs to discuss with his daughter the contents of what's on her laptop and how she feels about someone having the password to it.

      •  

        Cops aren't going to charge OP's daughter with anything

        OP needs to give the repair guy the login details, not have a super awkward discussion with his daughter.

        • +2 votes

          Maybe the solution is just straight up tell OP's daughter: "I'm giving the repairman the password to your computer. Is that okay?" and let her decide whether or not she wants her privacy at risk.

    • +1 vote

      No it isn’t… you can boot off a usb, chances are the drive isn’t encrypted and they could access the files anyway at that point though.

  •  

    format it, yolo

  • +1 vote

    If there's nudes of her on there, then no I wouldn't give them the password. There is no code of ethics for computer repair guys, they are just random guys. I might trust Apple themselves, they can afford to have systems in place, but not some random computer repair guy.

    •  

      Even if there were a code of ethics, relying on the ethics of others generally leads to a bad time.

      • +3 votes

        if there's one thing Louis Rossmann has shown me, is to not trust Apple repair guys lol

    • +1 vote

      If the repair guy had no ethics then he would just take out the hard disk and attach it to a different PC and can access the files on the disk. I dont think Windows encrypts a disk by default.

      •  

        Yeah but they wouldn't be able to access logged in social media and banking accounts, install keyloggers, etc.

  • +4 votes

    Technician can boot computer off USB stick. Unless we are talking about BIOS/EHFI boot password

    Once booted, the screen can be checked after the correct driver is installed on the portable OS.

    If the screen is one for one replacement, the laptop doesn't need extra driver to work… So IMO no need to use password to log on.

    • -1 vote

      THIS! Is the good answer!

      If they are replacing with the same hardware, no need for the driver.

      They can boot off a USB stick to check and do not need a password. Just a bit more work to get the USB working for a particular model.

      I wouldn’t give password to be honest.

    •  

      With none of the required drivers to make this function…

      He can get in if he really wanted to without your password. It's just to save time and get your device back to you as fast as possible.

      •  

        Wrong. With bitlocker, there is no way he can get into the disk without the password.

        •  

          Correct - much to my dismay as a technician when there is a software fault or corruption making the device not get to the desktop and the person in question hasn't got a Microsoft account (where the bitlocker key gets saved), and they haven't made a manual download of the encryption key.

          I fully understand the benefits of bitlocker and appreciate customers having it activated but it CAN make a technician's job impossible in some situations if the fault is on the hard disk.

          Very hard to explain to the customer sometimes. Most don't even know it was enabled.

  •  

    Guys I just drove my car to the workshop for its annual servicing.

    Shall I give them my keys?

    Just wonderin.

    • +7 votes

      Would you leave your credit card and give your PIN to pay for the service?

      Just wonderin lol

      • +1 vote

        No, same reason I don't think the OP has to tell the repairer his financial details and give him access to it. It's not necessary.

        It the mechanic told me he required it, I'd take my car back and go elsewhere.

    •  

      Why are people using cars / keys as a comparison. It is 100% necessary to give the mechanic the keys. They may need to move it once it has been finished, the may need to put it on a heist, they may need to start it to check something.

      • +1 vote

        Damn those mechanics pulling off all them bank heists in our cars…

  • -1 vote

    Would you give tightly correlated personal data with your name and address to the Australian Bureau of Statistics - and hope that the data which is stored in perpetuity never leaks, gets hacked, or legally shared with every other agency and commercial organisation in Australia and the world?

  • +3 votes

    Assuming it's a local Windows account and not a Microsoft account used to sign into Windows, it's very very easy to remove. Like I'm talking 20 seconds easy.

    •  

      Depends. If the user has enabled Bitlocker then ya’ll ain’t renaming cmd to utilman.exe

      •  

        Yes also true.

  • +7 votes

    Tell him to boot from a USB drive. What a n00b.

    •  

      Yes there are many ways you can fix a laptop that do not require access to the account, there is no need to hand out the password.

    •  

      Sure you can boot windows from a USB but can you update driver from bootable USB? Asking for a noob.

      •  

        If you boot from a USB drive then that IS the system. The normal boot drive isn't needed at all.

      •  

        If the repairer replaced an exact screen, the. There is no driver update required.

        If there is a need, they can always email the driver to op after tested it on USB.

  • +1 vote

    I hope your daughter does not use the same passwords for everything.

    •  

      It may not make much difference.

      All her saved web logins etc will be trivially copied once the guy has her login password.

  • -1 vote

    Lot of paranoiud guys out there. Man has to do his job.What? If you got a hernia, you not going to drop your strides and let the doc have a feel?

    • +2 votes

      Err, you mean a prostate issue right? Why would I rock up to my doc without pants if the hernia is in my abdomen?

      • +1 vote

        Not really, Inguinal hernia is the common one , where the doc feels around your jewels and groin and says,"Cough".

    •  

      Yeah but I'm not giving my doc a bunch of my passwords, private ssh keys, thousands of photos, years of chat history and emails, and all kinds of random other confidential junk I have long since forgotten about.

    •  

      If she uses Firefox you can install MozBackup and have all her logins to use on any computer

      •  

        Firefox Sync is built-in to Firefox.

        • +1 vote

          I mean the repair guy could steal her Firefox profile and use it on his own computer with all the same sessions that are already logged in.

  • +2 votes

    Is your name Hunter Biden?

  • +1 vote

    Is it a PIN or a password?

    Passwords are likely to be used all over the internet, so I would be wary.

    A PIN, however, isn't. Likely to just be this laptop, and maybe a phone or ATM card

    • +1 vote

      My laptop has a PIN to log in. I can also set it as a password, or use Windows Hello or a pattern I believe

  • +1 vote

    Tell them they have permission to test using a bootable windows off USB flash drive.

  •  

    Call the bikies and see what they think

  •  

    Why won't you go in the shop and test it with him?

    •  

      He’s in another state so it’s picked up and returned by courier.

      •  

        Right, guilty at not reading the whole post.

  • +3 votes

    A competent repair person would be able boot it from a USB and test it.

    •  

      Would have to manually load the drivers which would make the process take longer.

  • -2 votes

    Both options aren't great, a better option would be to setup a temp admin account that doesn't require a password.

    If it's too late to do that and you're still concerned, arrange to go to the shop, login, then the repair person can setup this account.

    Otherwise as others have said, give them the password then change it when you get back.

    •  

      Temp local admin account also means the tech can take over local folders permission and access files on computer.

      It is best to backup computer, clean the drives good and reinstall before sending to repairer.

  •  

    could give him the laptop pin

    I'd it is the Windows Hello pin it is stored on the laptop and does not provide access to online accounts.
    It would only provide access to the laptop, files etc

  •  

    Hey OP. Any chance the person you sent it to is Paul Daniels? If so, he is pretty reputable and even recommended by Louis Rossmann (you can look him up if you don't know who he is). For anyone else looking for laptop repairs, I high recommend Paul Daniels. I have sent my 2012 macbook to him once, last year, for board repair. If I had taken it too Apple, I would have been laughed out of the store for still using a 2012 machine.

  •  

    Windows password protection is absolute garbage and anyone can give themselves admin access quite easily, some more popular methods are using a linux bootable drive to make an admin command prompt at login screen and making a new account, using the HDD in another PC and giving themselves admin rights to the whole lot (or making a mirror of the drive), exploiting the windows admin account (if enabled) or simply booting into windows from a USB stick and accessing the main HDD through there.

    Best bet is to give him the password, let him run his test and then get it back. If you really dont trust the business, change passwords to important things (wouldn't bother with small things like online games) when you get it back and move on with life.

  • +4 votes

    As a technician for 20+ years now, yes, the machine can be "hacked" to give me full permission even if I don't have the password.

    Yes, there are quite a lot of features when fixing a computer that need an administrator account.

    So basically I always ask for the password OR add another administrator account to the PC for my use (no protection for them mind you just to stay out of their profile).

    Not really much of a way around it.

    Maybe Microsoft should allow for a "technician" account that is in every other way an administrator account, but is activated only temporarily by the original owner of the notebook, and does NOT allow technicians to see any files/documents by other users. Only thing I can think of that might fix it. But it doesn't stop me hacking the password I guess. I change my mind there is no answer.

  • +2 votes

    It's the old saying - "Physical Access = Root Access"?

    Just give it to him.

  • +1 vote

    As someone who works in IT, I ask you please have a little amount of faith in someone you have asked to help you.
    Just because you give him your password doesn't mean he wants to look at anything or do something malicious.

    Trust works both ways, he trusts you'll pay him, trust him that he will do his job and do it professionally.
    Reviews are a good way to warn of dead shit backyard IT shops who do terrible work, if you did you research you must have/had a little trust that this company could do the job.

    If he really wanted to get into your laptop he would…

    Hope you get it all sorted!

  •  

    No I wouldn't give my password (or my family members password) out to the repair guy - and it's kind of unprofessional for him to even ask for it imho.

    There are other ways he can test the screen such as booting off a USB drive.

  •  

    I wouldn't personally but that's because once they have my password they can access my Keychain and then get access to all my other passwords. Luckily I've never been asked for my password when I got my Macs fixed a few times over the years.

    I'm surprised Windows doesn't have some guest user or dev mode that technicians can use.

  • +2 votes

    What are your concerns here?

    Unless the drive is encrypted, he can access the data on there anyway without booting into Windows.

    Having access can mean the difference between a job taking 5 mins or taking an hour.

  •  

    I wouldn't.

    I would say: "fine, ship it back without testing. But if it still doesn't work, then I'm shipping it to you again (on my own cost) and you're continuing it as part of the same repair service."

    Shipping it back to him is like $20? Maybe less with Australia Post. I would consider that a small price to pay for my privacy.

    Sure it's a cost you shouldn't have to suffer but from a business point I can maybe understand where the guy is coming from (though I still don't think it is right of him to ask, and certainly not right of him to expect it).

    Edit: I also agree with other users that this is sus. I'm sure there are other ways to test it without needing your password.
    You can also give the guy a call and sus him out over the phone. See how nervous he sounds when you directly confront him about other methods.

  •  

    Let me tell you a story that happen at a retail shop.

    Everyone took a copy of the nude.

    So I will never ever give access to my computer/HDD unless I am certain it is wiped clean even when there is no private material. Is better to have a sledge hammer smashing it to pieces.

  •  

    Never

  • +3 votes

    I am some random computer guy, have been doing onsite tech support for 20 years for homes and business.
    Ive never had someone even question giving me a password. Technically he doesn't need the password to test the screen.
    I do understand why you would be cautious about it tho. I personally have so much work that i don't have the time to be looking at your files, not that i want to.
    I want to fix the PC as fast as i can, get paid and move on, i'm assuming most legit people would feel the same.

    Also the SAM database can be bypassed in around 60 seconds to get past a windows password if they really wanted..
    Or you have net user administrator /active:yes, Or boot from bootable windows 10 USB. So many things can be done.
    I'm actually a little shocked at how many untrusting people are on here =) You asked for the help have some faith in humanity.

  •  

    It's just for convenience. There are free widely available tools to remove windows passwords if he has to.

    https://gbatemp.net/threads/medicat-usb-a-multiboot-linux-us...

  •  

    Can't he just boot it in safe mode to confirm if touchscreen is working?

  •  

    Im a professional mobile device repairer. Just give him the passcode.

    If he wanted to access your data really its super easy. Just open the laptop remove the hard drive connect it to another pc mount and now i have full access without the need to even know your password. There are also ways to change windows pass without the need of real pass.

  •  

    I wouldn’t given him the laptop though if I had to then I’d give him the password and change it once he returns the laptop.

  •  

    It’s probably fine, but when I worked support we would have our own bootable environments (eg. Ubuntu live or Windows PE) to do tests like this, it takes the user’s OS out of the equation when testing hardware, so not sure why wouldn’t they just boot from a USB to test it…

  •  

    Take out the physical harddrive, ssd or nvme from it. Assuming you are willing to do this, plenty of guides in Youtube.

    Then send it to the repairer. They should have plenty of spare ssd/hdd/nvme to test it with.

    When you get the laptop back, reinstall it.

    Data virtually safe (unless the repairer has any reason to retrieve anything from the sdram).

  • +1 vote

    If he repairs lots of machines then surely he has a boot disk/usb or spare drive he can boot from to test the screen. Personally you should never be giving out your pins or passwords to ANYONE, even if they are honest, it is just bad practise and completely unecessary.

  •  

    Create a new account then set a new password.

  •  

    Really hope you didn't give out that passcode.

    It's absolutely not necessary.

    If the repairer wants to test the touch screen functionality, they can do it with keyboard shortcuts at the login screen, or connect their own boot drive to conduct the tests. Your data is absolutely not necessary.

    Besides - repairer was hired to replace a screen. If they've done that correctly, touchscreen functionality failures caused by hardware faults can be corrected in the work warranty period. If it a software issue, it will not be resolved by a hardware replacement.

    achew
    'scuse me

  •  

    All he has to do is unscrew the base and take the hard drive out and plug it into another computer to access the files. Computer hard drives aren't encrypted or locked.

    The password/pin is doing nothing to protect the files already on it.

    •  

      speak for yourself, all my drives have bitlocker for windows or dmcrypt for linux.

      • -3 votes

        Good for you kid.

        •  

          thanks for compliment, but haven't been a kid for 30 years. regardless, anything remotely modern for a PC or laptop should be encrypted, it isn;t rocket science and is the default on many setups. Perhaps move into this century.