Windows 2000 Hide LastLogon ID

by Wayne Maples [Published on 20 April 2004 / Last Updated on 20 April 2004]

By default, Windows NT 4.0 displays the name of the last person who logged on to the system. This informational exposure can pose a security threat, especially if a user's password can be guessed from the account name or the login environment. Many Windows NT4 sites apply the DontDisplayLastUserName registry hack. This security setting may be lost in an upgrade to Windows 2000 Professional since the value changes location and type. The Windows 2000 registry hack is:

Hive: HKEY_LOCAL_MACHINE
Key: Software\Microsoft\Windows\CurrentVersion\Policies\System
Name: DontDisplayLastUserName
Type: REG_DWORD
Value: 1 hide
Value: 0 don't hide

The value was moved from the Winlogon section to the Policies section and the type was changed from REG_SZ to REG_DWORD.

See Also

Featured Links