Online Learning Academy - LearnAcad.com

... Sharing Knowledge

  • Increase font size
  • Default font size
  • Decrease font size
Home Author's Benefits

Windows 2000/2003 Auto Logon procedure

Monday, 02 January 2012 14:38 Shaukat Windows - Windows 2003
E-mail Print PDF
Share
Download SocButtons

Auto Logon

Issue

If Auto Logon is enabled on the scanned computer, the password that is used to log on automatically is stored in the registry (either in plaintext or encrypted format). In either case, this feature poses a security risk because anyone with physical access to the computer can boot the system and automatically log on without having to enter any credentials.

Solution

Disable the Auto Logon feature. To disable this feature, use the Registry Editor to remove the AutoAdminLogon and DefaultPassword values under the following registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon 

Caution 

  • Using the incorrectly can cause serious, system-wide problems that may require you to reinstall Microsoft® Windows® to correct them. Microsoft cannot guarantee that problems resulting from the incorrect use of the Registry Editor can be solved.

Note

  • You need administrator access to perform this task.

Instructions

To disable the Auto Logon feature 

  1. Click Start, click Run, and then type Regedit.exe.
  2. In the Registry Editor, expand the following keys in this order: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon. 
  3. Click Winlogon.
  4. In the right pane, find the DefaultPassword key in the name column and see if there is a value (anything other than "value not set") in the data column. If there is no value set or the DefaultPassword key does not exist, Auto Logon is not enabled.
  5. If there is a value, click the DefaultPassword key.
  6. On the Edit menu, click Delete.
  7. In the right pane, find the AutoAdminLogon key in the name column. If the value is set to 1, which indicates that Auto Logon is enabled, change the value to 0 to disable this feature.

Additional Information

The credentials used to log on by default during automatic logon are located under the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

AutoAdminLogon REG_SZ 0 or 1 - Must be zero to remove this feature.

When you use AutoAdminLogon, Windows automatically logs on the specified user when the system is started, bypassing the CTRL+ALT+DEL logon dialog box. This is a serious security problem because anyone can gain access to your computer.

DefaultUserName REG_SZ Username

DefaultPassword REG_SZ Password

Specifies the password for the user listed under DefaultUserName.

If the password that you use for automatic logon is stored programmatically by using the LsaStorePrivateData API, it is encrypted and stored under the following registry keys:

HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\DefaultPassword\CurrVal

HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\DefaultPassword\OldVal 

By encrypting the password as an LSA secret, you prevent remote users from reading a plaintext password that is stored under the Winlogon registry key. However, anyone with physical access to the computer can boot the system and log on automatically, whether the password is encrypted or in plaintext, which poses a security risk.

 

 

 

< Prev   Next >
 

Muhammad Shaukat

Our valuable member Shaukat has been with us since Tuesday, 01 June 2010.

Show Other Articles Of This Author

Add comment


Security code
Refresh

Follow us on Twitter

Main Menu

Linux

Islam

Windows

Interview Questions

Database

Internet

Cisco

Entertainment

Networking

Graduate Courses

Psychology

Feed Burner

Subscribe to Welcome to Online Learning Academy by Email

Enter your email address:

Delivered by FeedBurner


Google Groups
Subscribe to LearnAcad
Email:
Visit this group

Login Form

JoomImages for JoomGallery

There are no images available in the gallery.

JoomCategories for JoomGallery

No categories found