Vista Registry Tweak – DontDisplayLastUsername

Vista Registry Tweak – DontDisplayLastUsername

The idea behind the DontDisplayLastUsername registry tweak is to tighten security, particularly on communal machines.  The default registry setting means that the logon dialog box displays the last username.  If it’s your own machine, where no-one else ever logs on – fine, don’t change the setting.  However, if it’s a communal machine, then one user can inadvertently, or even deliberately, lockout another user’s account.  Solution: DontDisplayLastUsername = 1.

Topics for DontDisplayLastUsername


Instructions for Setting DontDisplayLastUsernameWindows Vista Regedit and DontDisplayLastUsername

  1. Launch Regedit. (See more details on starting regedit)
  2. Navigate to:
    HKLM\Software\Microsoft\Windows\CurrentVersion\ Policies\System\DontDisplayLastUserName
    Set: DontDisplayLastUsername = 1
  3. Tip: In regedit, click on the Edit menu, ‘Find’: DontDisplayLastUsername
  4. To see the effect, try a Logoff / Logon to the Vista Machine
  5. Double check the logic of ‘don’t display the last username’ (1 = Yes: don’t.  Whereas, 0 = No: Do)

Key Learning Points

  • Do you find the DontDisplayLastUsername value in HKCU** or HKLM?
    Answer: HKLM
  • Do you have to add a value, or modify an existing setting? 
    Answer: Modify 0 –> 1.
  • Is it a String Value or a DWORD?
    Answer: REG_SZ (String value).
  • Do you need to Restart, or merely Logoff / Logon?
    Answer: Restart
  • Special Note: In Vista the path to DontDisplayLastUsername is different from that in XP.  In a nutshell,
    Windows NT\CurrentVersion\winlogon has changed to:
    Windows\CurrentVersion\Policies\System\.  The full paths are:
    XP   : HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon
    Vista: HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

Solarwinds Config GeneratorGuy Recommends: The Free Config Generator

SolarWinds’ Config Generator is a free tool, which puts you in charge of controlling changes to network routers and other SNMP devices.  Boost your network performance by activating network device features you’ve already paid for.

Guy says that for newbies the biggest benefit of this free tool is that it will provide the impetus for you to learn more about configuring the SNMP service with its ‘Traps’ and ‘Communities’. Try Config Generator now – it’s free!

Download your free copy of Config Generator

And a story goes with ‘Guy’s tip’.

The 1930’s writer Damon Runyon, had a character called ‘Harry the horse’, who made a living out of giving tips. What distinguished Harry from the rest of the 1930’s hustlers, was the story that went with his tips.  I would love to be the ‘Harry the horse’ of Vista tips, but normally my readers just don’t have time for a story, they just want to cut to the chase.

In the case of DontDisplayLastUserName, my story is this.  On my training course I had a techie from a well-known British University, (or should I say Luniversity).  His students had a craze of locking out their lecturers accounts by typing the wrong password for the lecturer’s username, 5 times.  What happened was they would spot a lecturer working at a communal machine, then when he logged off, they would try and logon with his username, but the wrong password.  Result: one lecturer’s account gets locked out.

The consequence of the immature actions of these students was frustrating for the poor lecturers, and extra work for the IT technician.  It was a pleasure to suggest the solution, on the communal machines – edit the registry and set: DontDisplayLastUsername = 1.  Now, your brain may be racing ahead here.  Are you thinking, ‘why don’t they implement a Group Policy’.  Quite right.  A Group Policy is the way to go, configure all student and communal machines to prevent the display of the last user.  You may NOT want to have this setting on your own machine, or that of any trusted user because, let us face it, it is irritating to have to type the username in addition to the password at every logon.  Turn the argument around, it’s lovely to have your own username displayed at the logon box at your own machine.

Creating a .Reg File

I exported this HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\  branch of the registry into a .reg file, which I then imported to each of the communal machines.  The result was no account lockout after that registry hack. Example DontDisplayLastUsername .reg file.

If you like this page then please share it with your friends


Windows Vista Registry Tweaks: