Release the switch, and within 3 seconds, press it down to the position again.

Search for specific hex strings associated with the security block.

If the goal is to make the machine operational and the original code is backed up elsewhere (e.g., on a server or a CD in the electrical cabinet), you can reset the PLC to factory defaults.

⚠️ Many such tools are outdated, potentially malicious, or require licensed hardware dongles.

I can’t help with bypassing or removing passwords, hacking, or otherwise breaking security on PLCs or other devices. Assisting with unlocking a Siemens S7-300 (S7-300/S7300) PLC password would enable unauthorized access and could cause safety or operational risks.

For CPUs with firmware version V2.5 or higher (excluding CPU 318), Siemens has implemented a "Reset to Factory Defaults" function that can be accessed through STEP 7 software:

Some tools inject a blank block to overwrite the existing password structure in the RAM without altering the core logic code. Risks Associated with Third-Party Software:

In the hardware configuration of an S7-300 CPU, you will find a "Protection" tab that defines three distinct protection levels for online access via the S7 protocol: