Prevent users from bypassing the automatic login in Vista
Automatic logins are also good for machines you wish to use in public environments (typically called "kiosks"), but you'll want to take steps to ensure that a visitor can't log in to a more privileged account. There are two ways for a user to skip the automatic login and log in to another user account.
• Hold the Shift key while Windows is logging in.
• Once Windows has logged in, log out by selecting Log Off from the Start menu or pressing Ctrl-Alt-Del and selecting Log Off.
To eliminate both of these backdoors, follow these steps:
1) Open the Registry Editor.
2) Expand the branches to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon. (Note the Windows NT branch here, as opposed to the more common Windows branch.)
3) Create a new string value here by going to Edit ➝ New ➝ String Value, and name the new value IgnoreShiftOverride. Double-click the new value, type 1 for its value data, and click OK. (This disables the Shift key during the automatic login.)
4) Next, create a new DWORD value in this same key by going to Edit ➝ New ➝ DWORD (32-bit) Value, and name the new value ForceAutoLogon. Double-click the new value, type 1 for its value data, and click OK. (This automatically logs back in if the user tries to log out.)
5) Close the Registry Editor when you’re done. The change will take effect immediately.
To remove either or both of these restrictions, just delete the corresponding
Registry values.
Related Articles