noellarkin Posted September 28, 2023 Posted September 28, 2023 This is possible? I was trying to use registry edits to set the "last logged user" to make the system reboot into User2 (using Shutdown($SD_REBOOT) ) but it keeps logging back into User 1 when restarting.
rsn Posted September 28, 2023 Posted September 28, 2023 I dabbled with this once upon a time. Automating the Microsoft Autologon tool was the best and simplest solution.
noellarkin Posted September 29, 2023 Author Posted September 29, 2023 Thanks, this is what the description says: Quote Autologon enables you to easily configure Windows’ built-in autologon mechanism. Instead of waiting for a user to enter their name and password, Windows uses the credentials you enter with Autologon, which are encrypted in the Registry, to log on the specified user automatically. [!WARNING] Although the password is encrypted in the registry as an LSA secret, a user with administrative rights can easily retrieve and decrypt it. (For more information see Protecting the Automatic Logon Password ) Autologon is easy enough to use. Just run autologon.exe, fill in the dialog, and hit Enable. The next time the system starts, Windows will try to use the entered credentials to log on the user at the console. Note that Autologon does not verify the submitted credentials, nor does it verify that the specified user account is allowed to log on to the computer. To turn off auto-logon, hit Disable. Also, if the shift key is held down before the system performs an autologon, the autologon will be disabled for that logon. You can also pass the username, domain and password as command-line arguments: autologon user domain password Note: When Exchange Activesync password restrictions are in place, Windows will not process the autologon configuration. I'm curious what "domain" is in this context? I'm using windows 10 on a desktop machine. Do I have to add autologon.exe to Windows Startup?
Solution rsn Posted September 29, 2023 Solution Posted September 29, 2023 (edited) Autologon takes command line arguments so using it might be simpler than you think. autologon.exe <username> <domain> <password> If the PC in question isn't joined to a Windows Domain, you would use the name of the PC. Example from the command line: autologon.exe noellarkin %COMPUTERNAME% MyC0mplexP@ssword Right before you trigger your logoff use autologon to set whoever you want to log in next. Example in AutoIt: $iPID = Run ( @ComSpec & " /c c:\path\to\autologon.exe noellarkin " & @computername & " MyC0mplexP@ssword" , "" , @SW_HIDE ) ProcessWaitClose($iPID) Shutdown (0) Edited September 29, 2023 by rsn examples noellarkin and ioa747 2
rudi Posted October 2, 2023 Posted October 2, 2023 Keep in mind, that the password is decryptable. https://keithga.wordpress.com/2013/12/19/sysinternals-autologon-and-securely-encrypting-passwords/ The head line "LSA secrets" and below will explain this concern. rsn 1 Earth is flat, pigs can fly, and Nuclear Power is SAFE!
rsn Posted October 3, 2023 Posted October 3, 2023 Good point @rudi. I wouldn't use it in an enterprise or domain environment since it is decryptable and, more importantly, that the creds are passed in plain text during the setup. But for some simple home/personal use, the attack profile is relatively low.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now