• ARTICLES
SEARCH

How-To Geek

Enable Ctrl+Alt+Delete for Vista Logon Screen

In older versions of Windows, you had to use the Ctrl+Alt+Delete combination to login to the system. This was supposed to provide a higher security login, although I don’t know how. You also might be used to using that combination to login, and there’s a way to turn it back on.

Open the Advanced User Accounts panel by typing in netplwiz into the start menu search box, and hitting enter. Then click the Advanced tab, and you’ll see this:

Just check the box, and the next time you login, you’ll see the old familiar prompt.

Update

For a method that works all the time, type in secpol.msc into the start menu search box and then navigate to Local Policies \ Security Options.

Find the setting for “Interactive Logon: Do not display last user name” and change it to enabled.

secpol.png

Lowell Heddings, better known online as the How-To Geek, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on if you'd like.

  • Published 01/25/07

Comments (41)

  1. Iain

    I heard the whole ctrl-alt-delete to log in was caused by a hacker who hacked into a windows 95 or similar machine. He argued that because it said ‘welcome’ he was invited onto the computer and therefore was not actually accessing it illegally, and was thus not hacking into it.

    No idea if this is true or not but given how some people argue court cases on similarly small points, I wouldn’t be surprised if it was.

  2. The Geek

    That’s very interesting… I wonder if it’s true.

  3. Cerberus

    I am 99% sure that this is true. that is why ‘we’ went toward so much more ‘open’ compliance.

  4. impyb

    The CTRL-ALT-DEL was a semi-lame attempt (though effective) at dealing with certain types of attacks. Theoretically a malicious programmer could write a fake shell that would snag your login credentials. Getting users into the habit of C-A-D to login means that the user would (probably unknowingly) force quit the malicious shell when they tried to login.

  5. dean

    The old “control userpasswords2″ and “gpedit.msc” still works. The purpose of the “interactive logon” is to provide a trusted path for the password. Without it, the password can be intercepted.

    Its also required to log into a domain

    Dean

  6. dean

    Windows 95 did not have a Welcome screen. By default it booted up to the desktop. A rudimentary windows password could be configured, however there were no user accounts (or usernames).

    At the same time Windows NT (4.0) Server did require the ctrl-alt-del.

    Thus your story must be false

  7. jps

    The reason CTRL-ALT-DEL exists is to provide some measure of confidence when entering a password at the login screen. This key combination is the only one Windows assures that cannot be intercepted by any other application. So, by ensuring that the user presses that key combination before entering his password, he/she will know that the password screen really belongs to Windows.

  8. Ronin Vladiamhe

    Not sure about the story, but a little assistance would be appreciated. We have a single Vista machine, with multiple users accounts, in a domain. Currently, at machine startup, the user is presented with Ctrl-Alt-Del, which then takes the user to the classic logon (username/password). Due to the domain configuration, each user has to type in “domain”\username and password to log into there personalized desktop. Is there a way to change the logon screen (@ computer startup) to show icons for each user account, which would enable the user to simply click her/his name, leading to the entering of that user’s password?

  9. you are all retarded

    This keyboard combination was implemented by David Bradley, a designer of the original IBM PC. Bradley originally designed Control-Alt-Escape to trigger a soft reboot, but he found it was too easy to bump the left side of the keyboard and reboot the computer accidentally. He switched the key combination to Control-Alt-Delete, a combination impossible to press with just one hand (this is not true of later keyboards, such as the 102-key PC/AT keyboard or the Maltron keyboard). More advanced operating systems use its status as a “reserved” combination for various purposes, but often retain the ability to trigger a soft reboot in certain configurations or circumstances. Bradley is also known for his good-natured jab at Bill Gates, at that time the CEO of Microsoft, and also the creator of many of Microsoft’s programs: “I may have invented Control-Alt-Delete, but Bill Gates made it famous”.

    -http://en.wikipedia.org/wiki/Control-Alt-Delete

    Ever heard of Google? Tards.

  10. Shack's

    Like the history thread above… For those who have problems trying to get Windows Vista (Ultimate) to require the user to press Ctrl+Alt+Del use the following:

    I got the info from:
    http://msmvps.com/blogs/robfarley/archive/2007/04/02/vista-requiring-ctrl-alt-del-before-login.aspx?CommentPosted=true#commentmessage

    The post was by Nothize… He’s v.good as it works fine…. cheers mate.
    Just to clarify:
    Run Reg Edit – locate “HKEY_LOCAL_MACHINE” – “Software” – “Microsoft” – “Windows” – “CurrentVersion” – “Policies” – “System” – “dontdisplaylastusername”
    and change the value to “1″

  11. Vallamreddy VenuGopal

    Can any body know’s how to change this key combination?

  12. PCGuru

    They use Ctrl+Alt+Del to also prevent people from using brute force password programs that use a list of passwords to try to obtain the right one. Requiring you to hit C+A+D makes it so it cant just start filling in thousands of passwords, and as someone stated above, Programs cant run Ctrl+Alt+Del, hence the hacker would be forced to hit Ctrl+Alt+Del every time he tried a password, which would take forever.

  13. Rob.

    Does the secpol.msc thing only work for windows vista ultimate and business editions cos i couldnt get it to work for my vista home premium :’(

  14. Ronin Vladiamhe

    In a domain environment, is there a way to configure Vista to only require users to input their username without requiring the DOMAIN NAME\ to preceed it?

  15. nothize

    Hey Shack!! Nice to see you here! And thanks for sharing the solution elsewhere!!

    A little thing to add is that on Vista Home(Instead of Ultimate), nearly all tools suggested by others are unavailable to achieve the goal.(like security policy, netplwiz advanced tab and control userpasswords2).

    Which is what “Rob” and I was experiencing…….

    For Rob, please try to modify the registry manually as suggested by Shack!!

  16. ed

    The story is not true. That sequences is the only one that Windows blocks from being sent to an application. Some companies do change the “welcome” screen to put hackers on notice, but that is in no way related to the use of ctrl-alt-del.

    It’s easy to create a phony log-on screen to capture someone else’s password. But there is no way to have a phony screen pop up with the ctrl-alt-del sequence, since that is reserved by windows, and cannot be trapped by any applications. The sequence is an extra measure of security.

    Since there were virtually no exploits of this type anyway, the default behavior is to bypass it in more recent versions of windows, but it can still be turned on.

  17. diana

    How do I delete a alt ctrl del prompt when I start up in an IBM pc?

  18. Electronicowboy

    The Ctrl-Alt-Del key combination may have been a way to ensure that the user was entering the username and password into a valid login screen. But maybe not! I have seen programs that run when windows starts and it present a login that is exactly the one windows presents. But once you enter your user name and password it disappears and the real one appears. The user thinks he/she has entered the incorrect username or password and types it again. Then the fake login application sends the users information to the application author.

  19. danish

    The CTRL-ALT-DEL was a semi-lame attempt (though effective) at dealing with certain types of attacks. Theoretically a malicious programmer could write a fake shell that would snag your login credentials. Getting users into the habit of C-A-D to login means that the user would (probably unknowingly) force quit the malicious shell when they tried to login.

    the above quote is bullshit the correct reason why they use ctrl alt delete is because it can only be assigned to windows i.e. it is a windwos ONLY shorcut

  20. Paul

    I CANNOT access secpol.msc. Help please (wont work through start menu, run, or command prompt) I am running a Windows Vista 32-bit Premium machine.

  21. Jean

    @Paul, that’s because there’s no way to do it on Home Premium. Or Home Basic.

    It’s a Home operating system — because Microsoft has dictated that no home user will ever need to do that. You need to fork out the cash for Ultimate, if you want to upgrade your Home Premium machine so you can set policies.

    If you want to be free of crazy arbitrary restrictions like that, go Linux or Mac. If not, you deserve every amount of pain you inflict on yourself by continuing to tag along with Microsoft.

  22. Paul

    @Jean, Thank you for your comment.

    However it was completely deplorable the end, and it was also extremely rude.

  23. Joe

    @Jean & Paul, I just used “control userpasswords2″ on my Vista Home Premium laptop just like I did last night on my XP Home Edition desktop.

  24. prahagunawan

    I use windows vista Home basic, but i can’t enable Ctrl+Alt+Delete for vista logon Screen. If I typing netplwiz in
    start menu search, Advanced User Account Panel open, and i can’t check the box in secure logon.like picture in attachment
    can You help me to enable Ctrl+Alt+Delete for Vista logon Screen in My vista Home Basic,Thanks for Your Attention.

  25. harry

    The updated info above seems wrong? I would use the setting that is Interactive Logon – Do not require Control-Alt-delete. It defaults to enabled on standalone pcs. Disable and you will have to use cnt-alt-del before loggin on. The setting mentioned here does only what it states. It may also cuase the system to revert to cnt-alt-delete but I want the last logon name displayed.

  26. Shade

    jps is right. its to stop another application impersonating the windows login screen and retrieving usernames and passwords to be emailed to the developer of the third party app. ctrl-alt-del is difficult (not impossible) to block with the new (post ’98) kernel. In previous versions applications could send Windows a message to say that the screen saver is running, and windows would respond to cad by saying “go away im sleeping grr” but now all that is “safely” locked up in SAM, and not too many unethical developers have gotten past this yet (not that they’ve tried much – better ways of hacking have recently opened up).

    ~Shade

  27. dave

    The requirement for the keyboard user to type some special key sequence, guaranteed uninterceptible by user programs, is part of the US governments’ criteria for evaluating security. It is referred to, I think, as ‘trusted path login’.

    http://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria

    The requirement is more obvious if you’ve used a timesharing system, wherein it is trivial for user A to write a program which prompts ‘login:’ (or similar) and waits for unsuspecting user B to show up.

    On Windows NT, the question was then ‘which key combination to choose’. Just about every interesting key sequence was already in use by some Windows 3.1 application. Ctrl+Alt+Del was an obvious exception.

    There’s no other connection between Ctrl+Alt+Del as the Windows secure attention key sequence and the fact that it is traditionally handled by the PC BIOS in real mode; except that the fact that it was handled by the BIOS pretty much guaranteed that it was assigned no other use.

  28. Rafael Munoz G.

    Thank you so much…. I fix that on my father’s computer… =D

    Ciao!

  29. Travis

    Ctrl alt del is not a WINDOWS ONLY command, it is used during POST or Power On Self Test, where the bios checks all system resources, and it is used to restart the system during the post. and a PC is not a Windows ONLY machine, it can also be used to run LINUX, UNIX, SOLAIRS, and in an illegal and hacked instance MAC OS. BIOS manufactures are not only windows, they have nothing to do with Microsoft really, they are just instructions for the motherboard and resources on how to handle things, IE. Phenox and Award bios’s are there own company. sorry if any misspelled words. im not sure where it originated, just wanting to clear that up from a previous post above.

  30. Johnson Yip

    Thanks, your tutorial is easy to follow. I found the pictures and steps easy to follow. I read in a Mike Meyers All in One Comptia A+ book on the section on maintaining Windows that the CTRL ALT DEL command wipes the memory of running programs in the login screen, so no other program can pretend to be the login screen to steal your password and username.

  31. Dingle-whaght

    I haven’t tried this yet, but by doing this method, are you able to use the regular log in and the ctrl+alt+delete login?

  32. sam

    ctrl+alt+del is used to switch win XP login screen.
    in does not works in vista. i have lost my user password.
    but my administrator has no password. how can i access it.
    please help me.

  33. Charlton

    The story is true. But it wasn’t with windows login, it was a cisco router on a school network. The ‘hackers’ defense was that after they logged in, it said ‘welcome’. That’s why now on cisco routers and other devices, it does not say welcome. It says something more along the lines of “You have now logged in.”

  34. Vista Home Premium 64

    Thanks guys,

    control userpassword – typical “user-friendly” password panel
    control userpassword2 – what we’re looking for

    you’re right

  35. CDUDE

    CAN SOMEONE HELP ME WITH THE UPDATE PART.
    EACH TIME I TYPE secpol.msc INTO THE SEARCH BAR IT COMES UP IN FIREFOX AND SAYS CAN’T CONNECT TO SERVER.
    I DON’T UNDERSTAND WAT I HAVE TO DO TO AVOID THIS PROBLEM

  36. Dean P

    That method does not work on Windows Vista Starter, Windows Vista Home Basic and Windows Vista Home Premium.

    If you want to enable Ctrl+Alt+Delete for Vista Logon Screen. Then type netplwiz, then click the advanced tab and tick the box at the bottom.

    secpol.msc is only available in Business, Enterprise and Ultimate editions.

  37. Asitha

    Is this Ctrl+Alt+Delete valid for Windows 7 Home Premium?

  38. Ambicapathy

    This information was really very useful..Thanks.

  39. Deej

    Dude

    It’s 12 July 11 as I type this, and I just installed *ugh* Windows 7 on a spare partition. I’ve been used to the CTRL-ALT-DEL login routine since getting to like WinNT Workstation 3.5.1 (the most stable Windows _ever_); I’ve hated the silly linux-like user login icons since microsoft implemented them.

    After getting rid of most of the Aero and Glass and cr@p, the iconized login (and restoring File Manager to full functionality) were the only things really left. You fixed the one, and I’ve got the fix for the other. You are, indeed, a deity. Many thanks. :)

    (Now if it was only possible to shrink the @#$%^! Start Menu down to a less-wasteful size…)

    Deej

  40. anchovy

    Thank you so much it works!!!!!!!!!

  41. Jordan

    It’s really funny (and the trend hasn’t stopped with M$) that they used CTRL+ALT+DEL as a security measure because “no program can fake that key combination”..but VNC can (and has been able to for a long time now), which ironically is a remote control application. =p

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!