The autologin feature is provided as a convenience. However, this feature may be a security risk. If you set a computer for autologin, anyone who can physically obtain access to the computer can gain access to all the computer’s contents, including any networks it is connected to. Additionally, when autologin is turned on, the password is stored in the registry in plain text. The specific registry key that stores this value can be remotely read by the Authenticated Users group. Using the Sysinternals tool is necessary in order not to have the password displayed in plain text in the registry.
There are various ways to achieve this. You can turn the auto-logon off via the registry or netplwiz (user Account settings, I will be discussing how to disable autologin via the Auto Logon Tool (SysInternal Tool).
Follow these steps below to turn off auto logon using one of the Sysinternal Tool called Auto Logon.
- Launch the Autologon.exe as shown below, the parameters will automatically be populated.
- Then click on Disable.
Alternatively, if the shift key is held down before the system performs an autologon, the autologon will be disabled for that logon.