Forefront Client Security Forums > Forefront Client Security - Security State Assessment

Autologon is not configured, but a plaintext password might be exposed on this computer.

  • Friday, August 07, 2009 10:39 PM, thenning

    I have a lot of computers showing up under the Autologon Vulnerability report; none of them actually have autologon enabled. But they show this error: "Autologon is not configured, but a plaintext password might be exposed on this computer."

    I clicked the "more" link on the report and it pointed me to an article on turning off autologon, but it says nothing about how to resolve this issue.

    Any ideas? It's making my numbers for vulnerabilities higher than they need to be.

    Thanks

All Replies

  • Wednesday, August 12, 2009 9:24 AM, Nick Gu - MSFT (MSFT, Moderator)

    Hi,

    Thank you for your post.

    As far as I know, when you disable automatic logon, you should also ensure that the password used for automatic logon is no longer stored in the registry. To do so, be sure that the following two registry keys are empty:

    HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\DefaultPassword\CurrVal
    HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\DefaultPassword\OldVal

    For more information, please refer to the following link:

    http://technet.microsoft.com/en-us/library/bb432638.aspx

    Regards,

    Nick Gu - MSFT
  • Wednesday, August 12, 2009 11:13 PM, thenning

    Thanks for the response. None of the computers I looked at have that key.
  • Wednesday, August 19, 2009 6:14 AM, Nick Gu - MSFT (MSFT, Moderator) [Proposed Answer]

    Hi,

    Thank you for your update.

    It is recommended that you ensure that automatic logon is disabled. To do so, be sure the following registry key is set to 0 (zero) on all computers:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon

    Regards,

    Nick Gu - MSFT
  • Friday, September 25, 2009 3:55 PM, thenning

    Does anyone have an answer for this?

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon is set to 0.

    These keys do not exist:

    HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\DefaultPassword\CurrVal
    HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\DefaultPassword\OldVal

    I have searched the registry for the password that a user uses and it is not in the registry.

    But I still show a bunch of computers failing this vulnerability:

    Check Name: Autologon
    Product: Vulnerability Checks
    Computer: COMPUTERNAME
    Check Result: Autologon is not configured, but a plaintext password might be exposed on this computer.
    Score: High
    MSRC: Severity N/A
    Scanned: http://go.microsoft.com/fwlink/?LinkId=85043
    Fix: http://go.microsoft.com/fwlink/?LinkId=85042
    Check Description: This check determines whether the Auto Logon feature is enabled on the scanned computer, and if the logon password is encrypted in the registry or stored in plaintext.
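Added example, not code from this thread or from Microsoft: a PowerShell audit that reads the registry locations discussed in this thread on the local machine and reports whether any of them still holds an autologon password. It assumes the check also inspects the Winlogon\DefaultPassword value, which is where a plaintext autologon password lives when one has been set (the thread itself only names AutoAdminLogon and the LSA secret); the hypothetical function name Test-AutologonExposure is mine.

```powershell
# Added example (not from the thread or from Microsoft). Run from an elevated
# PowerShell prompt. HKLM:\SECURITY is ACLed to SYSTEM, so the LSA secret paths
# are only readable when run as SYSTEM (e.g. PsExec -s) or after the temporary
# ACL change Jono2p describes below; the function reports that case explicitly.
function Test-AutologonExposure {
    $winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $secrets  = 'HKLM:\SECURITY\Policy\Secrets\DefaultPassword'

    $result = [ordered]@{
        Computer          = $env:COMPUTERNAME
        AutoAdminLogon    = $null
        DefaultUserName   = $null
        PlaintextPassword = $false   # Winlogon\DefaultPassword value present?
        LsaSecretCurrVal  = $null    # ...\Secrets\DefaultPassword\CurrVal exists?
        LsaSecretOldVal   = $null    # ...\Secrets\DefaultPassword\OldVal exists?
        Verdict           = $null
    }

    $wl = Get-ItemProperty -Path $winlogon -ErrorAction SilentlyContinue
    if ($wl) {
        $result.AutoAdminLogon  = $wl.AutoAdminLogon
        $result.DefaultUserName = $wl.DefaultUserName
        # Assumption: this REG_SZ value is the plaintext store the check flags.
        $result.PlaintextPassword = ($wl.PSObject.Properties.Name -contains 'DefaultPassword')
    }

    try {
        # Probe access first; non-SYSTEM callers get "Requested registry access is not allowed".
        $null = Get-Item -LiteralPath 'HKLM:\SECURITY\Policy\Secrets' -ErrorAction Stop
        foreach ($v in 'CurrVal', 'OldVal') {
            $result["LsaSecret$v"] = Test-Path -LiteralPath (Join-Path $secrets $v)
        }
    } catch {
        $result.LsaSecretCurrVal = $result.LsaSecretOldVal = 'access denied (read as SYSTEM)'
    }

    # Mirror the check's wording so the output can be compared with the report.
    if ($result.AutoAdminLogon -eq '1') {
        $result.Verdict = 'Autologon is enabled'
    } elseif ($result.PlaintextPassword) {
        $result.Verdict = 'Autologon is not configured, but a plaintext password is stored in Winlogon\DefaultPassword'
    } else {
        $result.Verdict = 'No autologon password found under Winlogon'
    }
    [pscustomobject]$result
}

Test-AutologonExposure | Format-List
# Remediation, only once you have confirmed the value is not needed:
# Remove-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon' -Name DefaultPassword
```

Run it on one of the machines the report flags and compare the Verdict line with the Check Result; if PlaintextPassword is True while AutoAdminLogon is 0, that value is the finding the report is pointing at.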
  • Tuesday, November 10, 2009 2:33 PM, Jono2p

    @thenning

    Hi,

    I am having the same problem.

    I set the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogon to 0, but could not see anything in HKEY_LOCAL_MACHINE\SECURITY in the registry until I changed the permissions on the Security folder to allow me access.

    I could then drill down to HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\; I couldn't see the …\DefaultPassword\CurrVal or …\DefaultPassword\OldVal values, but I can see a HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\aspnet_WP_PASSWORD, so will have a play around with this.

    Hope this is of some help.