According to the sysinternals folks AutoLogon stores it indirectly as an LSA secret now.
lsass.exe puts it at [HKLM\SECURITY\Policy\Secrets\DefaultPassword\CurrVal\(Default)], at Autologon's "request". Keys are documented at this Forefront page. http://technet.microsoft.com/en-us/library/bb432638.aspx -----Original Message----- From: Kurt Buff [mailto:[email protected]] Sent: Tuesday, September 22, 2009 11:04 AM To: NT System Admin Issues Subject: Re: Autologons? That's news to me. I wonder how that works. On Tue, Sep 22, 2009 at 10:16, Andrew S. Baker <[email protected]> wrote: > AutoLogon doesn't do plaintext registry entries anymore. > > -ASB: http://XeeSM.com/AndrewBaker �� Providing Competitive Advantage through Effective IT Leadership > > > On Tue, Sep 22, 2009 at 12:00 PM, Ben Scott <[email protected]> wrote: >> >> On Tue, Sep 22, 2009 at 11:43 AM, David Lum <[email protected]> wrote: >> > Do you guys have any servers thatautomatically log into the console >> > session >> > at boot-up? >> >> ��We have computers that do that.���Whether you call them a "server" or >> not is largely irrelevant. >> >> > Anyone have a similar situation, and if so how do you handle it? >> >> ��Restrict what the account can access as much as possible, both >> locally and on the network. >> >> ��Restrict physical access to the machine. >> >> ��If this is a domain account, be aware that "Authenticated Users" >> doesn't mean as much as it might otherwise. >> >> ��Be aware that the password will be accessible in plaintext in the >> registry. >> >> -- Ben >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>���~ > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
