Turn on automatic logon in Windows

This article describes how to configure Windows to automate the logon process by storing your password and other pertinent information in the registry database. By using this feature, other users can start your computer and use the account that you establish to automatically log on.

Original product version: В Windows Server 2019, Windows Server 2016, Windows Server 2012 R2
Original KB number: В 324737

The autologon feature is provided as a convenience. However, this feature may be a security risk. If you set a computer for autologon, anyone who can physically obtain access to the computer can gain access to all the computer’s contents, including any networks it is connected to. Additionally, when autologon is turned on, the password is stored in the registry in plain text. The specific registry key that stores this value can be remotely read by the Authenticated Users group. This setting is recommended only for cases in which the computer is physically secured and steps have been taken to make sure that untrusted users cannot remotely access the registry.

Use Registry Editor to turn on automatic logon

This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, see How to back up and restore the registry in Windows.

To use Registry Editor to turn on automatic logon, follow these steps:

Click Start, and then click Run.

In the Open box, type Regedit.exe, and then press Enter.

Locate the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon subkey in the registry.

Double-click the DefaultUserName entry, type your user name, and then click OK.

Double-click the DefaultPassword entry, type your password, and then click OK.

If the DefaultPassword value does not exist, it must be added. To add the value, follow these steps:

On the Edit menu, click New, and then point to String Value.

Type DefaultPassword, and then press Enter.

Double-click DefaultPassword.

In the Edit String dialog, type your password and then click OK.

If no DefaultPassword string is specified, Windows automatically changes the value of the AutoAdminLogon key from 1 (true) to 0 (false), disabling the AutoAdminLogon feature.

On the Edit menu, click New, and then point to String Value.

Type AutoAdminLogon, and then press Enter.

Double-click AutoAdminLogon.

In the Edit String dialog box, type 1 and then click OK.

If you have joined the computer to a domain, you should add the DefaultDomainName value, and the data for the value should be set as the fully qualified domain name (FQDN) of the domain, for example contoso.com. .

Exit Registry Editor.

Click Start, click Shutdown, and then type a reason in the Comment text box.

Click OK to turn off your computer.

Restart your computer. You can now log on automatically.

• To bypass the AutoAdminLogon process and to log on as a different user, press and hold the Shift key after you log off or after Windows restarts.
• This registry change does not work if the Logon Banner value is defined on the server either by a Group Policy object (GPO) or by a local policy. When the policy is changed so that it does not affect the computer, the autologon feature works as expected.
• When Exchange Active Sync (EAS) password restrictions are active, the autologon feature does not work. This behavior is by design. This behavior is caused by a change in Windows 8.1 and does not affect Windows 8 or earlier versions. To work around this behavior in Windows 8.1 and later versions, remove the EAS policies in Control Panel.
• An interactive console logon that has a different user on the server changes the DefaultUserName registry entry as the last logged-on user indicator. AutoAdminLogon relies on the DefaultUserName entry to match the user and password. Therefore, AutoAdminLogon may fail. You can configure a shutdown script to set the correct DefaultUserName.
• You can use the Sysinternals tool AutoLogon to enable this functionality easier. This tool also helps you to use an encrypted version of password.

How to log off on windows 10 by using cmd?

What is the cmd-command for log off and shut down computer?

Would appreciate any help.

***Post moved by the moderator to the appropriate forum category.***

Replies (2) 

There are a lot of command line in CMD you can use to logoff a computer. When you type the command «shutdown /» in CMD, it will show you the list of command controls you can use with it as for your options. With what you have stated, «shutdown /l» with the letter «L» meaning logoff, would be the most appropriate.

Let us know if this answers your question.

25 people found this reply helpful

Was this reply helpful?

Sorry this didn’t help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

We have noticed that the post has been inactive for quite some time. We’d like to check if Nick Dich was able to answer your question.

If so, we highly encourage you to inform our Community by clicking on Yes or marking the post as an answer. This will help other members who may have the same issue as you. Otherwise, don’t hesitate to update us so we can further assist you.

13 people found this reply helpful

Was this reply helpful?

Sorry this didn’t help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

Interactive logon: Message text for users attempting to log on

Applies to:

Describes the best practices, location, values, management, and security considerations for the Interactive logon: Message text for users attempting to log on security policy setting.

Reference

The Interactive logon: Message text for users attempting to log on and Interactive logon: Message title for users attempting to log on policy settings are closely related.

Interactive logon: Message text for users attempting to log on specifies a text message to be displayed to users when they log on.

Interactive logon: Message title for users attempting to log on specifies a title to appear in the title bar of the window that contains the text message. This text is often used for legal reasons — for example, to warn users about the ramifications of misusing company information, or to warn them that their actions might be audited.

Not using this warning-message policy setting leaves your organization legally vulnerable to trespassers who unlawfully penetrate your network. Legal precedents have established that organizations that display warnings to users who connect to their servers over a network have a higher rate of successfully prosecuting trespassers.

When these policy settings are configured, users will see a dialog box before they can log on to the server console.

Possible values

The possible values for this setting are:

Best practices

It is advisable to set Interactive logon: Message text for users attempting to log on to a value similar to one of the following:

1. IT IS AN OFFENSE TO CONTINUE WITHOUT PROPER AUTHORIZATION.
2. This system is restricted to authorized users. Individuals who attempt unauthorized access will be prosecuted. If you are unauthorized, terminate access now. Click OK to indicate your acceptance of this information.

Any warning that you display in the title or text should be approved by representatives from your organization’s legal and human resources departments.

Location

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

Default values

The following table lists the actual and effective default values for this policy. Default values are also listed on the policy’s property page.

Server type or GPO	Default value
Default Domain Policy	Not defined
Default Domain Controller Policy	Not defined
Stand-Alone Server Default Settings	Not defined
DC Effective Default Settings	Not defined
Member Server Effective Default Settings	Not defined
Client Computer Effective Default Settings	Not defined

Policy management

This section describes different requirements to help you manage this policy.

Restart requirement

None. Changes to this policy become effective without a device restart when they are saved locally or distributed through Group Policy.

Security considerations

This section describes how an attacker might exploit a feature or its configuration, how to implement the countermeasure, and the possible negative consequences of countermeasure implementation.

There are two policy settings that relate to logon displays:

The first policy setting specifies a text message that displays to users when they log on, and the second policy setting specifies a title for the title bar of the text message window. Many organizations use this text for legal purposes; for example, to warn users about the ramifications of misuse of company information, or to warn them that their actions may be audited.

Vulnerability

Users often do not understand the importance of security practices. However, the display of a warning message before logon may help prevent an attack by warning malicious or uninformed users about the consequences of their misconduct before it happens. It may also help reinforce corporate policies by notifying employees of appropriate policies during the logon process.

Countermeasure

Configure the Interactive logon: Message text for users attempting to log on and Interactive logon: Message title for users attempting to log on settings to an appropriate value for your organization.

Potential impact

Users see a message in a dialog box before they can log on to the server console.

How to Set Up Auto Login in Windows

Configure automatic login in Windows 10, 8, 7, Vista, or XP

There are plenty of good reasons to auto log in to your computer. For one, you no longer need to enter your password every day, speeding up the impression of how long it takes your computer to start.

Of course, there are also several reasons not to set up your computer to auto log in. The most important reason is that you’ll lose the ability to secure your files from others that have physical access to your computer.

However, if security isn’t an issue, we must say that being able to have Windows fully start, without having to sign in, is pretty handy. and easy to do. It’s something you can configure in just a few minutes.

You can do this by making changes to a program called the Advanced User Accounts Control Panel applet (which, depending on your version of Windows, is neither an applet nor available in Control Panel).

One of the steps involved in configuring Windows to automatically log in differs depending on which Windows operating system you’re using. For example, the command used to launch the Advanced User Accounts Control Panel applet is completely different in Windows XP than in Windows 10, Windows 8, Windows 7, and Windows Vista.

See What Version of Windows Do I Have if you’re not sure which of those several versions of Windows is installed on your computer.

How to Automatically Log On to Windows

Open the Advanced User Accounts program.

To do this in Windows 10, Windows 8, Windows 7, or Windows Vista, enter the following command in the Run dialog box via WIN+R or from the Power User Menu (in Windows 10 or 8), followed by a tap or click of the OK button:

A different command is used in Windows XP:

You can also open Command Prompt and do the same if you’d rather, but using Run is probably a bit quicker overall. In Windows 10, you can also just search for netplwiz using the search/Cortana interface.

Technically, this program is called the Advanced User Accounts Control Panel, but it’s not really a Control Panel applet and you won’t find it in Control Panel. To make it more confusing, the title of the windows says just User Accounts.

Uncheck the box next to Users must enter a user name and password to use this computer from the Users tab.

Select OK at the bottom of the window.

When the Automatically sign in box appears, enter the username you wish to use for your automatic login, followed by the password in the next two boxes.

In Windows 10 and Windows 8, if you’re using a Microsoft account, be sure to enter the entire email address that you use to sign into Windows with, in the User name field. The defaults there might instead be the name associated with your account, not your actual username.

Select OK to save and close the open windows.

Restart your computer and make sure that Windows automatically logs you in. You may catch a glimpse of the sign-in screen, but only long enough to see it log you in without you having to type anything!

Are you a Desktop lover looking to speed up your Windows 8 boot process even more? In Windows 8.1 or later you can make Windows start directly to the Desktop, skipping the Start screen. See How to Boot to the Desktop in Windows 8.1 for instructions.

How to Use Auto Login in a Domain Scenario

You won’t be able to configure your Windows computer to use an auto login in exactly the way described above if your computer is a member of a domain.

In a domain login situation, which is common in larger business networks, your credentials are stored on a server run by your company’s IT department, not on the Windows PC you’re using. This complicates the Windows auto login setup process a little bit, but it’s still possible.

Here’s how to get that checkbox from Step 2 (instructions above) to appear so you can check it:

Open Registry Editor which, in most versions of Windows, is most easily done by executing regedit from the search box after you select the Start button.

While following the steps below exactly should be perfectly safe, it’s highly recommended that you back up the registry prior to making the changes.

From the registry hive listing on the left, choose HKEY_LOCAL_MACHINE, followed by Software.

If you’re in an entirely separate location in the Windows Registry when you open it, just scroll to the very top on the left side until you see Computer, and then collapse each hive until you reach HKEY_LOCAL_MACHINE.

Continue drilling down through the nested registry keys, first to Microsoft, then Windows NT, then CurrentVersion, and then finally Winlogon.

With Winlogon selected on the left, locate the registry value of AutoAdminLogon on the right.

Double-click AutoAdminLogon and change the Value data to 1 from 0.

Select OK.

Restart your computer and then follow the standard Windows auto-login procedure outlined above.

When the Auto Log In Domain Setup Doesn’t Work

That should work, but if not, you may have to manually add a few additional registry values yourself. It’s not too difficult.

Work back to Winlogon in the Windows registry, as outlined above from Step 1 through Step 3.

Add the string values of DefaultDomainName, DefaultUserName, and DefaultPassword, assuming they don’t already exist.

You can add a new string value from the menu in Registry Editor through Edit > New > String Value.

Set the Value data as your domain, user name, and password, respectively.

Restart your computer and test to see that you can use the auto login without entering your normal Windows credentials.

Is It Safe to Auto Log In to Windows?

As great as it sounds to be able to skip over that sometimes-annoying login process when Windows starts, it’s not always a good idea. In fact, it may even be a bad idea, and here’s why: computers are less and less physically secure.

Security Risks and Auto Log In

If your Windows computer is a desktop and that desktop is in your home, which is probably locked and otherwise secure, then setting up automatic logon is probably a relatively safe thing to do.

On the other hand, if you’re using a Windows laptop, netbook, tablet, or another portable computer that often leaves your home, we highly recommend that you don’t configure it to automatically log in.

The login screen is the first defense your computer has from a user that shouldn’t have access. If your computer is stolen and you’ve configured it to skip right over that basic protection, the thief will have access to everything you have on it—email, social networks, other passwords, bank accounts, and more.

Multiple User Accounts and Auto Log In

Also, if your computer has more than one user account and you configure an auto login for one of those accounts, you (or the account holder) will need to log off or switch users from your automatically logged in account to use the other user account.

In other words, if you have more than one user on your computer and you choose to auto log in to your account, you’re actually slowing down the other user’s experience.