Automatic login into a guest account are good for machines you wish to use in public environments (typically called “kiosks”), but you’ll want to take steps to ensure that a visitor can’t log in to a more privileged account.
There are two ways for a user to skip the automatic login and log in to another user account:
- Hold the Shift key while Windows is logging in.
- Once Windows has logged in, log out by selecting Log Off from the Start menu or pressing Ctrl-Alt-Del and selecting Log Off.
To eliminate both of these backdoors, follow these steps:
1. Open the Registry Editor (type regedit)
2. Expand the tree branches to the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
3. Create a new string value here by going to Edit > New > String Value, and name the new value IgnoreShiftOverride. Double-click the new value, type 1 for its value data, and click OK. (This disables the Shift key during the automatic login.)
4. Next, create a new DWORD value in this same key by going to Edit > New > DWORD (32-bit) Value, and name the new value ForceAutoLogon. Double-click the new value, type 1 for its value data, and click OK. (This automatically logs back in if the user tries to log out.)
5. Close the Registry Editor when you’re done. The change will take effect immediately.
To remove either or both of these restrictions, just delete the corresponding Registry values.
Ben Carigtan shows you how it’s done!