Windows 11 local accounts and "S" mode

amal · December 20, 2025, 1:41am

A game of cat and mouse is going on with Windows 11 and local accounts. The most recent solution which was to press SHIFT-F10 during the MS Account setup screen is now blocked (on this new HP all-in-one I just bought anyway). You can see it trying to open the command prompt but it’s not working.

Instead I pressed a special function key on my keyboard that opened the display broadcast prompt, and from that I clicked “More Settings” to open the settings dialog. Then on that screen I pressed Windows + R to get a run dialog, and in the run dialog I tried to run CMD but could not because this shitty computer had Windows delivered in “S” mode. So instead I just ran the command ms-cxh:localonly directly in the run box and it worked.. the local account setup screen appeared and I was able to set up a local account.

After logging in with my local account, I see I’m in “S” mode and I’m like WTF is that.. basically I can’t run anything that does not come exclusively from the Microsoft Store. Bullshit. I went to disable it, but you have to “GET” this feature by logging in with an MS account. Bullshit. I found this guide on how to disable it without all that;

Go to: Settings → System → Recovery

Click Advanced Startup and then Restart Now button

Allow the machine to reboot to Recovery Mode

In Recovery Mode click: Troubleshoot → Advanced Options → Command Prompt

FYI: If you have a password setup on your Windows it may ask you for that password in one of the following steps

In the Command Prompt window type: regedit and hit Enter

Click on HKEY_LOCAL_MACHINE

With HKEY_LOCAL_MACHINE selected go to the top menu and select File → Load Hive

A window will appear asking you the location of the desired registry hive.

Important: The System32 open in this window is from Recovery Mode’s registry hive, but we need to load the installed Windows registry hive, so we need to navigate to that registry hive’s location, which is a file called System on the C drive, in the Windows folder. So, click on This PC and navigate to the following file:

C:\Windows\System32\Config\System

Name this Hive anything, since it is just temporary, such as InstalledWindows

Now click and expand the HKEY_LOCAL_MACHINE. You will see a folder called InstalledWindows. Expand it and browse to the following registry:

HKEY_LOCAL_MACHINE\InstalledWindows\ControlSet001\Control\CI\Policy

Double click on SkuPolicyRequired and change value from 1 to 0

FYI: Value of 0 will switch your Windows out of the S Mode and back to the regular Windows Home/Professional. To switch back to S Mode again, just change this value back to 1

Scroll back and collapse the InstalledWindows Hive. While the InstalledWindows hive is still selected, go to the top menu and click File → Unload Hive

Close registry editor and Command Prompt, click Turn off your PC

Restart your PC. Check in Setting → System → About. Your PC will be out of the S Mode. Or it will now be in S Mode if you were switching back.

source: https://www.wilderssecurity.com/threads/switch-back-and-forth-out-of-windows-s-mode-without-a-microsoft-account.455681/

frail_rearranger · December 20, 2025, 1:48am

This is what I’m talking about.

amal · December 20, 2025, 1:55am

yeah.. i honestly considered wiping and putting ubuntu on it.. but the kid needs certain windows apps for school

enginerd · December 20, 2025, 3:25am

Gosh… They started that with the original surface laptop, but that one came with the option to “upgrade” to Windows 10 Pro for free. And I honestly thought that the S mode nonsense had been dropped as it’s a horrible value proposition.

amal · December 20, 2025, 4:09am

yeah apparently they doubled down because I did the registry trick yet it did not, in fact, disable S mode. I had to use my MS account for lack of options.

enginerd · December 20, 2025, 4:22am

At least I think that now you can install Windows 11 without the S mode garbage…

amal · December 20, 2025, 4:40am

yeah absolutely.. this all-in-one “family” computer just came pre-setup that way. it’s the first time i’ve ever encountered it though.

enginerd · December 20, 2025, 5:00am

Probably something intended to offer parents more control? Or to sell the illusion of control? Or maybe to prevent that either very young or very old family member from installing malware?

Truth be told, I had no parental supervision when using the internet as a child. And as you might imagine, I was mostly googleing stuff about electronics and datasheets… I also read a couple of things about protons, magnets, and coils… And also a bunch of things about lock picking.

~~NGL, I was a very particular kind of problem child who was asking for an oscilloscope every Christmas…~~

ODaily · December 20, 2025, 5:57am

I distinctly recall trying to explain the difference between U235 and U238 to my great grandmother at an old ladies craft show / get together event. I was 10-ish?

Birds of a feather / Flock together, I suppose.

I always find it interesting how, individually, we are all outliers, but collectively…

Not · December 20, 2025, 3:52pm

I recently had to fight this crap too. It appears that this is at least common with HP and not with Dell or Asus, from my limited variety of recently set up devices.

Not · December 20, 2025, 3:54pm

From what I’m seeing, it is used under the flag of “security”.

amal · December 21, 2025, 2:37am

Honestly I kinda get it. However I’d really see utility if I could disable it and install what I wanted and then enable it to lock down any further changes.. but it’s not that.. installed software won’t run. Fucking bullshit.

Pilgrimsmaster · December 23, 2025, 6:00pm

GrimEcho · December 26, 2025, 3:42pm

I’ve spent the last 6 months or so slowly upgrading my and my family’s Windows 10 computers to Windows 11. After some trial and error this is now my de facto recipe.

Windows 11 Pro license key (~$10 - $20). Currently available on Stack Social for $10
Download Windows 11 25H2 ISO
Use Rufus to slipstream in the local account option while copying the ISO to a USB drive.
- Rufus has a “Windows User Experience” dialog that allows you to customize the install when copying it. Among other things it can disable the online Microsoft account and force a local acocunt
- image548×263 10 KB
Clean Windows 11 install
Post-install customization
- Install Firefox and make it the default
- Uninstall Microsoft One Drive and Microsoft Teams via Windows add/remove programs
- Install Edge Redirect in “Active” mode and enable both “Discover” and “Search” redirections. Witht this, nothing you do in Windows (short of intentionally starting Edge) will cause Edge to to pen instead of your default browser.
- Tweak the taskbar to auto-hide, disable app notification flashes, enable some missing system tray icons, set the time automatically, and disable the hover over weather to bring up the news article board thing.

paradoxb3 · December 27, 2025, 1:26am

Having dealt with a lot of this bullshit setting up PC’s for customers at work, you should know once you touch Windows with a MS account, it has this nasty habit of automatically encrypting your drive without telling you. You may want to check settings to see if your device has been encrypted, and either make a note of the encryption key, or turn off encryption. I generally turn it off as I have no interest in keeping track of hundreds/thousands of encryption keys, and for the most part, drive encryption isn’t really necessary for the majority of them, aside from the <1% storing PHI.

TheCyberSystem · December 31, 2025, 6:23am

We used Rufus to get the installation media, then had to recompile it back into an iso because we use Ventoy. That was a nightmare to figure out but agreed that Rufus is so far the best option for customising the iso.

For bonus points we created a powershell script to unattend install/uninstall programs via winget - makes things so much easier initially.