Jump to content

Windows XP logon

Guest slhaynes

By Guest slhaynes
in Windows XP

 Share

Recommended Posts

Guest slhaynes

Guest slhaynes

Posted
Posted

I want to bypass my initial logon screen where I have click on my username to

start Windows. I am the only user of this PC and it is at my home. When I

turn on the PC, I want it to boot directly to Windows XP without having to

click my name. How do I make this happen?

--

Dog is GOD spelled backwards, no wonder they are man''s best friend.

  • Replies 6
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Pegasus \(MVP\)

Guest Pegasus \(MVP\)

Posted
Posted

Re: Windows XP logon

 

 

"slhaynes" <slhaynes@discussions.microsoft.com> wrote in message

news:73992917-FF1D-402C-9E9E-96F9B5BFE5EE@microsoft.com...

>I want to bypass my initial logon screen where I have click on my username

>to

> start Windows. I am the only user of this PC and it is at my home. When

> I

> turn on the PC, I want it to boot directly to Windows XP without having to

> click my name. How do I make this happen?

> --

 

Have a look here: http://www.kellys-korner-xp.com/win_xp_passwords.htm.

Guest smlunatick

Guest smlunatick

Posted
Posted

Re: Windows XP logon

 

On Mar 11, 11:50 am, "Pegasus \(MVP\)" <I....@fly.com.oz> wrote:

> "slhaynes" <slhay...@discussions.microsoft.com> wrote in message

>

> news:73992917-FF1D-402C-9E9E-96F9B5BFE5EE@microsoft.com...

>

> >I want to bypass my initial logon screen where I have click on my username

> >to

> > start Windows.  I am the only user of this PC and it is at my home.  When

> > I

> > turn on the PC, I want it to boot directly to Windows XP without having to

> > click my name.  How do I make this happen?

> > --

>

> Have a look here:http://www.kellys-korner-xp.com/win_xp_passwords.htm.

 

You may also need o check if your Windows XP has a separate user

account created by one of the .NET Framework updates. The ASP.NET

user is created in XP when the .NET Framework and will cause the

Welcome screen to request your click on an account. Easiest way of

making sure that to can remote the ASP.NEE login on the Welcome screen

is to get TweakUI.

Guest VanguardLH

Guest VanguardLH

Posted
Posted

Re: Windows XP logon

 

"slhaynes" wrote in message

news:73992917-FF1D-402C-9E9E-96F9B5BFE5EE@microsoft.com...

>I want to bypass my initial logon screen where I have click on my

>username to

> start Windows. I am the only user of this PC and it is at my home.

> When I

> turn on the PC, I want it to boot directly to Windows XP without

> having to

> click my name. How do I make this happen?

> --

> Dog is GOD spelled backwards, no wonder they are man''s best friend.

 

 

Get the TweakUI powertoy from Microsoft. One of the settings is for

auto-login.

Guest smlunatick

Guest smlunatick

Posted
Posted

Re: Windows XP logon

 

On Mar 11, 4:19 pm, "VanguardLH" <V...@nguard.LH> wrote:

> "slhaynes" wrote in message

>

> news:73992917-FF1D-402C-9E9E-96F9B5BFE5EE@microsoft.com...

>

> >I want to bypass my initial logon screen where I have click on my

> >username to

> > start Windows.  I am the only user of this PC and it is at my home.

> > When I

> > turn on the PC, I want it to boot directly to Windows XP without

> > having to

> > click my name.  How do I make this happen?

> > --

> > Dog is GOD spelled backwards, no wonder they are man''s best friend.

>

> Get the TweakUI powertoy from Microsoft.  One of the settings is for

> auto-login.

 

The Auto-login "tweak" is not secure! It stores the password as plain

Ascii text.

Guest PD43

Guest PD43

Posted
Posted

Re: Windows XP logon

 

smlunatick <yveslec@gmail.com> wrote:

>> Get the TweakUI powertoy from Microsoft.  One of the settings is for

>> auto-login.

>

>The Auto-login "tweak" is not secure! It stores the password as plain

>Ascii text.

 

OH NO! HORROR OF HORRORS!! LOCK ALL THE DOORS AND ALERT THE COPS!

Guest VanguardLH

Guest VanguardLH

Posted
Posted

Re: Windows XP logon

 

"smlunatick" wrote in message

news:fc8d14fc-1fa7-4b92-b002-4e75b8a4b233@e60g2000hsh.googlegroups.com...

>

> "VanguardLH" wrote:

>>

>> "slhaynes" wrote ...

>>>

>>> I want to bypass my initial logon screen where I have click on

>>> my username to start Windows. I am the only user of this PC and

>>> it is at my home. When I turn on the PC, I want it to boot

>>> directly to Windows XP without having to click my name. How do

>>> I make this happen?

>>

>> Get the TweakUI powertoy from Microsoft. One of the settings is for

>> auto-login.

>

> The Auto-login "tweak" is not secure! It stores the password as

> plain

> Ascii text.

 

 

--- REPLY SEPARATOR ---

Only required because above poster used QUOTED-PRINTABLE format.

When posting to newsgroups, do NOT use quoted-printable format.

* Not all NNTP clients handle quoted-printable format.

- Some users still use console-mode (non-GUI) NNTP clients.

- The long lines may not wrap properly.

- Scrolling is needed if the long line does not get wrapped.

- The long line may get truncated at the window's width.

- Quoted-printable format uses special character sequences for

logical formatting. View the raw source of your post. Text-

only clients may show that encoding when viewing your post.

* Quoting levels get mangled, especially for multiple replies.

* In replies, there is no clear delineation of content.

- Cannot tell what content is from the original poster and

what is from the respondent.

- Makes impossible to determine who said what when a reply

inserts comments inline with the quoted content.

---[end of comments]---

 

 

And what is your point? If the user is using ANY auto-login procedure

which automatically bypasses the login credentials then anyone can

boot that computer to get into that account. So just how is using an

auto-login process that stores the password in plain-text any less

secure than using the auto-login process in the first place? Duh!

Using auto-login obviates security. ANYONE can get into that Windows

account, and if it is an admin-level account then ANYONE also has

admin privileges on that host.

 

So just where in the registry do you think TweakUI stores the recorded

password in plain-text? You are proliferating outdated information.

If you had even looked at TweakUI's description of its auto-logon

feature, it says the password is encrypted. When TweakUI's auto-logon

feature is enabled:

 

- The following registry key is created or modified:

key = HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

data name = AutoAdminLogon

data value = 1

If the data item is missing (not defined) or 0, auto-logon is not

enabled. TweakUI will create the data item with a value of 1 (when

you enable auto-logon) or delete this data item (when you disable

auto-logon).

 

- If you follow the instructions at

http://support.microsoft.com/kb/315231/en-us, yes, you are saving the

password as a plain-text value in the DefaultPassword data item.

TweakUI does NOT create this data item anymore. It does NOT save your

login password as a plain-text value in the registry. Test this for

yourself. Enable auto-logon in TweakUI, enter your login username,

click the Password button and enter it, and click Apply. Now go

searching through your registry for a string that matches on your

password. You won't find it.

 

I am using TweakUI 2.10.0.0 for Windows XP (SP1 and up). Maybe you

are using an older version of TweakUI that followed the KB article

which would result in saving your password in plain-text in a data

item in the registry. The latest version of TweakUI uses the

Microsoft Cryptographic Application Programming Interface (CryptoAPI)

to store the password in an encrypted part of the registry or in a

disk file depending on which NT-based version of Windows you are

using. You can see the list of CSPs (Cryptography Service Providers)

by looking under

HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider. The default

CSP for the current logged on user is found listed under

HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider Types\Type 001.

Under Windows NT, CSPs store their key containers in two locations of

the system registry: HKCU\Software\Microsoft\Cryptography\UserKeys and

HKLM\Software\Microsoft\Cryprography\MachineKeys. The first is usually

used by a stand-alone application and the second by a process running

on behalf of a non-interactive user, such as an IIS/ASP application.

However, in Windows 2000, Microsoft moved from storing the encrypted

data in the system registry to storing it in the file system under

"%userprofile%\Application Data\Microsoft\Crypto\RSA\<userSID>" and

"\Documents and settings\All Users\Application

Data\Microsoft\Crypto\RSA\Machinekeys". By entering your logon

username, you specify which profile under which to retrieve the

encrypted data that is your logon password. So whether the password

is encrypted or not depends on whether you use an old or new version

of TweakUI. Make sure you use a later (or latest) version of TweakUI

that encrypts the password rather than save it as plain-text in the

registry.

 

But so what if the password were not encrypted? If you are

automatically bypassing the logon, you have bypassed security. No one

needs the plain-text version of your password. They don't need it.

You opened your computer so ANYONE can automatically log into your

account when they reboot the host. You unlocked the door and then

left it open for the flies and vermin to come in and infest your home.

 Share
Go to topic listing
×
×
  • Create New...