Smallvoid.com
  • Home
  • About
  • Articles
  • Links
  • Forum

Configure Automatic Logon in Windows NT

February 28, 2003 by Snakefoot | 2 Comment

It is possible to make the logon automatically, which is very convenient when using a strong password to avoid network attacks but still wants to have easy physical access to the machine.

The easiest (and the most secure) way to enable automatic logon:
  • Press Start-button and open the Control Panel
  • Double click the Users and Passwords (If using WinXP Home then read this)
  • Uncheck Users must enter a user name and password to use this computer
  • It will prompt for a username and password for the automatic login.
    • The password entered will be encrypted and saved in the registry here (Will also happen if using Tweak UI to configure Automatic Logon):

      [HKEY_LOCAL_MACHINE \SECURITY \Policy \Secrets \DefaultPassword]

  • Press Ok and reboot to test that the automatic login is now working
WinXP will automatically activate automatic logon if the following conditions are true:
  • The Welcome screen must be enabled
  • Guest account access must be turned off
  • There must be only one user account on the computer
    • System Accounts must be added to the SpecialAccounts Userlist as hidden. After installing Service Pack 2 then a new account ASPNET is added that is not hidden, so automatic login stops working.
  • The user account must not have a password
Note it is also possible to manually enable automatic login using the registry, but with the exception that the password is placed in the registry as plain text:

[HKEY_LOCAL_MACHINE \SOFTWARE \Microsoft \Windows NT \CurrentVersion \Winlogon]
DefaultUserName = "MyUserName"
DefaultPassword = "MyPassword"
DefaultDomainName = "MyNetworkDomain or MyComputerName"
AutoAdminLogon = "1"

Note the security policy "Don't Display Last Username" must be disabled for the automatic logon to work. This can be done with this STRING registry value:

[HKEY_LOCAL_MACHINE \Software \Microsoft \Windows NT \CurrentVersion \Winlogon]
DontDisplayLastUserName = "0"

Note in Win2k/XP one can force autologon, so when a user logs off it will automatically logon again (Though it will disable remote logon):

[HKEY_LOCAL_MACHINE \Software \Microsoft \Windows NT \CurrentVersion \Winlogon]
ForceAutoLogon = "1"

Note it is possible bypass the automatic logon in case one need to access another account than the default. This is done by holding down the keyboard key SHIFT while Windows is starting or holding down SHIFT while logging off (If using an USB keyboard then USB legacy support must be enabled in the motherboard BIOS). This bypass can be disabled with this STRING registry key:

[HKEY_LOCAL_MACHINE \Software \Microsoft \Windows NT \CurrentVersion \Winlogon]
IgnoreShiftOverride = "1"

More info MS KB97597
More info MS KB114615
More info MS KB167364
More info MS KB234333
More info MS KB234562
More info MS KB282866
More info MS KB300433
More info MS KB310584
More info MS KB315231
More info MS KB324737
Tags:
  • automatic-login, user-account, welcome-screen, windows-domain, windows-login
Category:
  • User Security,
  • User Security,
  • User Security,
  • User Security

Comments:

  1. Philip says:
    28 September 2007 at 20:53

    nice tips, thanks a lot

    Reply
  2. antonio says:
    2 October 2009 at 18:10

    love it,
    i have found one more at
    it was really easy one
    http://hackerthedude.blogspot.com/2009/10/logon-automatically.html

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related Posts

  • Securing the local Administrator account
  • Restrict guest access to event logs
  • Moving the userprofile to a different location
  • Using NULL sessions to view shares and user accounts
  • Restrict access for NULL sessions

Recent Posts

  • Disable IPv6 imaginary tunnel network interfaces
  • Encrypted backup to OneDrive or DropBox
  • Description of soft and hard page faults
  • Windows 10 Upgrade with black screen
  • Wordpress 4.2 Upgrade

Meta

  • Log in
  • Entries feed
  • Comments feed