Microsoft Windows 7 Registry – CachedLogonsCount

Windows 7 Registry – CachedLogonsCountcachedlogonscount Vista Registry

A security hack sounds like an oxymoron.  However, I once had a client who wanted to improve their laptop security, for them, minimizing cached logons was the answer. 

The default number of cached logons for a client such as Windows 7 is 50 (10 in Vista).  With a quick registry edit of CachedLogonsCount, we can reduce this to value zero.  My client had laptops which operated on an Active Directory domain, and they did not want users (or hackers) to logon unless the laptop could authenticate with a domain controller.  Since there is no GUI to reset the cached logons, this is a job for a registry tweak.

Topics for Windows 7 CachedLogonsCount

 ♦

First Objective to Reach the Winlogon Registry Folder

I have divided our task into two parts.  Our first task is to find the correct part of the registry; our second task is to edit the actual registry value.Find Winlogon Registry

Method 1) Flashy.  Launch Regedit, click on the Edit menu and then select ‘Find’.  Now type Winlogon in the ‘Find what:’ dialog box.  Put a tick in only the ‘Keys’ box, see screenshot to the right.  The purpose of this technique is to navigate to the folder containing CachedLogonsCount as quickly as possible.

Note: If you don’t tick ‘Match whole string only’, you may have to press F3 two or three times until you see the following path at the very bottom of the regedit screen:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon

Method 2) Safe and sure.  If Method 1 fails, then here is an alternative method, launch regedit and manually drill down to:
HKLM**\Software\Microsoft\Windows NT\CurrentVersion\winlogon.

** HKLM is an abbreviation of HKEY_LOCAL_MACHINE, and HKCU is shorthand for HKEY_CURRENT_USER.  These acronyms are so well-known that you can even use them in .reg files, Vista will understand and obey the registry instruction.

Second Objective to Set the CachedLogonsCount value = 0

The default value for the cached logons count is 50.  Our job is to edit this REG_SZ value from 50 to zero.  Before you go any further, check the path; there are at least four instances of ‘Winlogon’ in the registry.

Let us assume that you have reached: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\winlogon.  The next task is to double-click CachedLogonsCount.  If this setting is not present, no worries, just right-click in the right hand pane, and create a new REG_SZ called CachedLogonsCount.

For greater security, double-click and change the value for CachedLogonsCount to 0 (zero).  Alternatively, to give a laptop the maximum cached logons when it is away from its domain controller, set the value = 50 (maximum number)

Set CachedLogonsCount = 0

CachedLogonsCount

cachedlogonscount Vista setting for laptops

Key Learning Points

  • Were you able to master: Find – ‘Keys’?
  • Do you find the CachedLogonsCount value in HKCU** or HKLM?
    Answer: HKLM
  • Do you have to add a value, or modify an existing setting? 
    Answer: Modify changing 50 –> 0. 
  • Is it a String Value or a DWORD?
    Answer: REG_SZ (String value).
  • Do you need to Restart, or merely Logoff / Logon?
    Answer: Restart
  • This example merely edits an existing value.
  • Tip: F3 speeds up searching when using ‘Find’.

** HKLM is an abbreviation of HKEY_LOCAL_MACHINE, and HKCU is shorthand for HKEY_CURRENT_USER.  These acronyms are so well-known that you can even use them in .reg files, Vista will understand and obey the registry instruction.

Windows 7 CashedLogonsCount Summary

The default number of cached logons for Windows 7 is fifty.  With a quick registry edit of CachedLogonsCount, we can reduce this to value zero.  Because there is no convenient GUI to reset the cached logons, this is a job for a registry tweak.

If you like this page then please share it with your friends

 


More Windows 7 Registry Tweaks