TechSapphire Friday, 2024-03-29, 3:32 AM
Site menu
Login form
News
Play Games
  • Deep Freeze
  • Ice Slide
  • Gyroball
  • Fat Fish
  • Bush Royal Rampage
  • Login and Authentication

    1. Automatic Logon to Windows 95, 98 and Me
    (Windows 95/98/Me)

    This setting allows Windows clients to automatically logon without entering a user name or password, therefore bypassing the logon box.

    Create a new string value called "AutoAdminLogon" and set it to "1" to enable automatic login.

    Create a new string value called "DefaultUsername" and set it to username of the default user.

    Create a new string value called "DefaultPassword" and set it to match the password of the default user.


    Settings:
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon]
    Name: AutoAdminLogon, DefaultPassword, DefaultUserName
    Type: REG_SZ (String Value)

    2. Automatic Logon to Windows NT, 2000 and XP (Windows NT/2000/XP/Vista/Window 7)

    Windows includes a feature that allows you to configure the computer to automatically logon to the network, bypassing the Winlogon dialog box.

    To enable this function you need to add several new values to the key below.

    1. Add a new string value named 'DefaultUserName' and set it to the username you wish to automatically logon as.
    2. Add a new string value named 'DefaultPassword' and set this to the password for the user entered above.
    3. Add a new string value named 'DefaultDomainName' and set this to the domain of the user. Ignore this value if the NT box is not participating in NT Domain security.
    4. Add a new string value named 'AutoAdminLogon' and set it to either '1' to enable auto logon or '0' to disable it.
    5. For Windows 2000 the additional ForceAutoLogon setting must be enabled to stop the tweak from resetting on reboot.
    Exit and restart, Windows should not ask for a password and automatically show the desktop of the user.

    Note: The password is stored in registry, which means anyone who has access to the machine has access to the password.

    Note: You can bypass this function by holding down the SHIFT key during the boot or logoff process.

    Note: It is also important to note that if the DontDisplayLastUserName value is enabled, the auto logon feature does not function.


    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Name: AutoAdminLogon
    Type: REG_SZ (String Value)
    Value: (0=disable, 1=enable)


    3. Enable Shutdown from Authentication Dialog Box (Windows NT/2000/XP/Vista/Window 7)

    When this setting is enabled a [Shutdown] button is displayed in authentication dialog box when the system first starts. This allows you to shutdown a system without logging in. The button is shown by default on a workstation and removed on a server installation.

    Create a new DWORD value, or modify the existing value called 'ShutdownWithoutLogon' using the settings below.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    Name: ShutdownWithoutLogon
    Type: REG_DWORD (DWORD Value)
    Value: (0 = disabled, 1 = enabled)


    4. Automatic Administrative Logon to Recovery Console (Windows 2000/XP)

    The recovery console is a command line environment that is used to recover from system problems. This setting controls whether the administrator account will be logged on automatically or be required to enter a password when the recovery console is invoked during startup.

    Create a new DWORD value, or modify the existing value called 'SecurityLevel' using the settings below.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole]
    Name: SecurityLevel
    Type: REG_DWORD (DWORD Value)
    Value: (0 = require password, 1 = no password)


    5. Disable Password Caching in Internet Explorer (All Windows)

    When you attempt to view a password-protected site, you are normally prompted to type your username and password with an option to "Save this password in your password list". This tweak can be used to disable the ability for users to save passwords.

    Create a new DWORD value, or modify the existing value called 'DisablePasswordCaching' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    Name: DisablePasswordCaching
    Type: REG_DWORD (DWORD Value)
    Value: (0 = default, 1 = disable password cache)


    6. Limit the Number of Automatic Logins (Windows NT/2000/XP/Vista/Window 7)

    This setting is used to limit the number of automatic logins, once the limit has been reached the auto logon feature will be disabled and the system will display the standard authentication box.

    Create a new DWORD value, or modify the existing value called 'AutoLogonCount' using the settings below.

    Note: Each time the system is rebooted, the value of AutoLogonCount will be decremented by one, until it reaches zero. When AutoLogonCount reaches zero, no account will be logged on automatically, the AutoLogonCount and DefaultPassword key values will be deleted from the registry, and AutoAdminLogon will be set to zero.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Name: AutoLogonCount
    Type: REG_DWORD (DWORD Value)
    Value: Number of Automatic Logins


    7. Modify the Number of Cached Logins (Windows NT/2000/XP/Vista/Window 7)

    This value controls the number of allowable cached login attempts when the network domain controller is unavailable.

    Create a new String value, or modify the existing value called 'CachedLogonsCount' using the settings below.

    Note: With caching disabled or the maximum has been reached, the user is prompted with this message: "The system cannot log you on now because the domain [DOMAIN_NAME] is not available."

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Name: CachedLogonsCount
    Type: REG_SZ (String Value)
    Value: 0 - 50 (0 = disabled, 10 = default)


    8. Legal Notice Dialog Box Before Logon (All Windows)

    Use these fields to create a dialog box that will be presented to any user before logging onto the system. This is useful where you are required by law to warn people that it is illegal to attempt to logon without being an authorized user.

    Windows 95, 98 and Me:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Winlogon

    Windows NT, 2000, XP, Vista, Window 7:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

    Modify the value named 'LegalNoticeCaption' to represent the caption on the dialog box (e.g. 'WARNING!'). If this value doesn't already exist create it.

    Modify the value named 'LegalNoticeText' to represent the body of the dialog box (e.g. 'Do Not Attempt to Logon to this system unless you are an authorized user!')

    Settings:
    Name: LegalNoticeCaption, LegalNoticeText
    Type: REG_SZ (String Value)


    9. Set the Minimum Password Length (All Windows)

    You can force Windows to reject passwords that do not meet a minimum password length. Useful to help stop people from using trivial passwords where security is an issue.

    Create a new binary value named 'MinPwdLen', and set the data to the minimum number of characters required for a password to be accepted.

    Settings:
    User Key: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]
    Name: MinPwdLen
    Type: REG_BINARY (Binary Value)


    10. Customize the Windows Logon and Security Dialog Title
    (Windows NT/2000/XP)

    This setting allows you to add additional text to the title of the standard Windows Logon and Windows Security dialog boxes.

    Create a new String value, or modify the existing value called 'Welcome' using the settings below.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Name: Welcome
    Type: REG_SZ (String Value)
    Value: Text to display


    11. Show Verbose Security Status Messages (Windows 2000/XP)

    This setting allows you to configure Windows so that you receive verbose startup, shutdown, logon, and logoff status messages. This may be helpful to in troubleshooting slow startup, shutdown, logon, or logoff behaviour.

    To enable verbose status messages create a new DWORD value called "verbosestatus" and set it to "1".

    An additional value called "DisableStatusMessages" forces status messages to be disabled, make sure this value does not exist or is set to "0".


    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
    Name: verbosestatus
    Type: REG_DWORD (DWORD Value)
    Value: (0 = default, 1 = enable versbose status)

    12. Force the Use of Automatic Logon (Windows 2000/XP)

    Normally when a Windows machine is configured to automatically logon to a specified account users can bypass this and enter alternate account information. This tweak forces the machine to auto logon and to ignore any bypass attempts.

    Create a new string value called "ForceAutoLogon" and set it to equal "1" to force automatic logons or "0" to allow alternate users.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Name: ForceAutoLogon
    Type: REG_SZ (String Value)
    Value: (0 = disabled, 1 = enabled)


    13. Disable Password Caching (All Windows)

    Normally Windows caches a copy of the users password on the local system to allow for additional automation, this leads to a possible security threat on some systems. Disabling caching means the users passwords are not cached locally. This setting also removes the second Windows password screen and also remove the possibility of networks passwords to get out of sync.

    Create a new DWORD value, or modify the existing value called 'DisablePwdCaching' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network]
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Network]
    Name: DisablePwdCaching
    Type: REG_DWORD (DWORD Value)
    Value: (0 = disabled, 1=enabled)


    14. Require Alphanumeric Windows Password
    (All Windows)


    Windows by default will accept anything as a password, including nothing. This setting controls whether Windows will require a alphanumeric password, i.e. a password made from a combination of alpha (A, B, C...) and numeric (1, 2 ,3 ...) characters.

    Create a new DWORD value, or modify the existing value called 'AlphanumPwds' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network]
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Network]
    Name: AlphanumPwds
    Type: REG_DWORD (DWORD Value)
    Value: (0 = disabled, 1=enabled)


    15. Disable the Change Password Button (Windows NT/2000)

    This setting disables the 'Change Password' button on the Windows Security dialog box. Enabling this setting stops casual users from being able to change the password.

    Create a new DWORD value, or modify the existing value called 'DisableChangePassword' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    Name: DisableChangePassword
    Type: REG_DWORD (DWORD Value)
    Value: (0 = disabled, 1 = enabled)

    16. Disable the Lock Workstation Button (Windows NT/2000/XP/Vista/Window 7)

    Add this setting to the registry to stop unauthorized users from locking machines from the Windows Security dialog box.

    Create a new DWORD value, or modify the existing value called 'DisableLockWorkstation' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    Name: DisableLockWorkstation
    Type: REG_DWORD (DWORD Value)
    Value: (0 = disabled, 1 = enabled)


    17. Disable the Auto Logon Shift Override Feature (Windows NT/2000/XP)

    When using the automatic login feature it is possible for a user to hold the Shift key to bypass the login sequence and enter a username and password. This feature disables the ability to override the function.

    Create a new String value, or modify the existing value called 'IgnoreShiftOverride' using the settings below.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Name: IgnoreShiftOverride
    Type: REG_SZ (String Value)
    Value: (1 = Ignore Shift)


    18. Require Users to Press Ctrl+Alt+Delete Before Logon (Windows 2000/XP)

    This setting controls whether users are required to press Ctrl + Alt + Delete as a security precaution before logging into the system.

    Create a new DWORD value, or modify the existing value called 'DisableCAD' using the settings below.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Name: DisableCAD
    Type: REG_DWORD (DWORD Value)
    Value: (0 = Require Ctrl+Alt+Delete, 1 = Disable)


    19. Restrict Showing the Last Username (Windows 2000/XP)

    This restriction removes the ability to view which user was last logged onto a computer by clearing the username box on the login screen.

    Create a new DWORD value, or modify the existing value called 'DontDisplayLastUserName' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
    Name: DontDisplayLastUserName
    Type: REG_DWORD (DWORD Value)
    Value: (1 = remove username)


    20. Use Active Authentication for Unlock and Screen Saver (Windows NT/2000/XP)

    This setting controls whether a full login should be performed when a workstation is unlocked or a password is used with the screen saver. Normally Windows will not check some settings such as whether the account has been locked out.

    Create a new DWORD value, or modify the existing value called 'ForceUnlockLogon' using the settings below.

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Name: ForceUnlockLogon
    Type: REG_DWORD (DWORD Value)
    Value: 0 = default authentication, 1 = online authentication


    21. Change the Message Shown on the Logon Box (Windows NT/2000/XP)

    You can personalize (or legalize) the message displayed on the logon box above the user name and password.

    Create a new string value named 'LogonPrompt' and enter the text you want to display. The default message is: 'Enter a user name and password that is valid for this system.'

    Settings:
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    Name: LogonPrompt
    Type: REG_SZ (String Value)

    22. Allow Portables to Undock Before Logon (Windows XP)

    This setting controls whether users with portable computers have the option to undock the system before they have logged onto the computer.

    Create a new DWORD value, or modify the existing value called 'UndockWithoutLogon' using the settings below.

    Settings:
    User Key: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
    Name: UndockWithoutLogon
    Type: REG_DWORD (DWORD Value)
    Value: (0 = disabled, 1 = enabled)


    23. Start Windows Without Prompting for a Password (Windows 95/98/Me)

    Does Windows prompt you for a password every time you boot up even though you're the only one using the PC? Follow these instructions to make Windows automatically start up without prompting you for a password.

    Windows 9x passwords are recorded in a Password List file, these files are stored in the Windows directory and named according to your username, they can be recognized by their .PWL extension.

    For example, if your username was 'John' then your password file would probably be 'c:\windows\john.pwl'

    To remove the password prompt start by finding the PWL file relating to your username and rename it to *.old (e.g. c:\windows\john.old).

    If your running a network, you then need to open 'Control Panel -> Network' and check that the 'Primary Network Logon' is set to 'Windows Logon'.

    Now restart Windows and you'll be prompted for a password, leave the Password box empty then click OK, you should now not be prompted for a password again.


    24. Force Users to Logon to Windows (Windows 95/98/Me)

    Usually users can simply press 'Cancel' at the Windows logon box to bypass the login process and gain access to the local computer. This tweak will logout the user if the authentication fails or the user clicks Cancel.

    Like all registry tweaks, this is for advanced users, please do not attempt to try this if you are not confident with the Windows registry and recovering from any subsequent problems.

    Firstly, setup your computer for multiple users by using the 'Users' wizard in the Control Panel. Create a new user in addition to any existing users, then restart Windows and login as the new user (this will become your new default account).

    While you are logged in open your registry and expand the [HKEY_USERS] key, there should be several sub-folders including ".DEFAULT", "Software" and a folder corresponding to the new username you created above.

    Open the key listed below (if the 'Run' key does not already exist then create it), and create a new string value named "NoLogon", and set the value to equal "RUNDLL32 shell32,SHExitWindowsEx 0".

    Log-off and now when you login using the new username you should gain access to the desktop, but when you press Cancel or enter the wrong password the desktop should partially load, and then the computer should return to the login screen.

    Categories
    Programming [27]
    Tips for programming
    Security [2]
    Security Tips
    Google [1]
    Use google faster then ever you use
    Project [14]
    HTML [2]
    Electronics [0]
    Data Structure [0]
    Database [16]
    SQL SERVER
    SSRS [1]
    Sql Server Reporting Services
    Copyright MyCorp © 2024