The idea behind the DontDisplayLastUsername registry tweak is to tighten security,
particularly on communal machines. The default registry setting means that the logon dialog box displays the last username. If it's your own machine, where no-one else ever logs on - fine,
don't change the setting. However, if it's a communal machine, then one user can inadvertently, or even deliberately, lockout another user's account. Solution: DontDisplayLastUsername = 1.
Do you find the DontDisplayLastUsername value in HKCU** or
HKLM? Answer: HKLM
Do you have to add a value, or modify an existing setting? Answer: Modify 0 --> 1.
Is it a String Value or a DWORD? Answer: REG_SZ (String value).
Do you need to Restart, or merely Logoff / Logon? Answer: Restart
Special Note: In Vista the path to DontDisplayLastUsername is different from that in XP. In a nutshell, Windows NT\CurrentVersion\winlogon has
changed to: Windows\CurrentVersion\Policies\System\. The full paths are: XP : HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon Vista:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\
Guy Recommends a Free Tool: VM Console
Virtual Machines are great for reducing hardware costs, but they can
multiply fast and can get out of control. Solarwinds' VM Console is
the classic tool to answer the following questions:
Which VM's are struggling and thus need more resources.
Which VM's are idle, and so are literally a waste of (disk) space.
The benefit of a good utility such as Solarwinds Virtualization Manager
is that you see the big picture yet drill down into the detail of disk,
memory or CPU.
The 1930's
writer Damon Runyon, had a
character called 'Harry the horse', who made a living out of
giving tips. What distinguished Harry from the rest of the 1930's hustlers, was the story that went with his tips. I would love to be the 'Harry the horse' of Vista tips, but normally my readers just
don't have time for a story, they just want to cut to the chase.
In the case of DontDisplayLastUserName, my story is this. On my training course I had a techie from a well-known British University,
(or should I say Luniversity). His students had a craze of locking out their lecturers accounts by typing the wrong password for the lecturer's username, 5 times. What happened was they would spot a
lecturer working at a communal machine, then when he logged off, they would try and logon with his username, but the wrong password. Result: one lecturer's account gets locked out.
The consequence of the
immature actions of these students was frustrating for the poor lecturers, and extra work for the IT technician. It was a pleasure to suggest the solution, on the communal machines - edit the registry and
set: DontDisplayLastUsername = 1. Now, your brain may be racing ahead here. Are you thinking, 'why don't they implement a Group Policy'. Quite right. A Group Policy is the way to go,
configure all student and communal machines to prevent the display of the last user. You may NOT want to have this setting on your own machine, or that of any trusted user because, let us face it, it is
irritating to have to type the username in addition to the password at every logon. Turn the argument around, it's lovely to have your own username displayed at the logon box at your own machine.
Creating a .Reg File
I exported this HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ branch of the registry into a .reg file, which I then imported to each of the
communal machines. The result was no account lockout after that registry hack. Example
DontDisplayLastUsername .reg file.
»
If you like this page then please share it with your friends
