Customizing the Login Process
The standard login process can be customized by editing the registry. The procedures
described in this section are also applicable for Windows NT 4.0, Windows 2000,
Windows XP and Windows Server 2003.
Specifying the Custom Logo Displayed at Login Time
This tip is useful for each of Windows NT/2000, Windows XP and Windows Server
2003. You can change the screen logo used as a background for the login dialog. Any
BMP file can be used for this purpose (for example, a custom logo or any graphic file).
To introduce this modification, you need to do the following:
1. Start the registry editor and expand the HKEY_USERS\.DEFAULT\Control
Panel\Desktop registry key.
2. Find the Wallpaper value entry, and specify the path to the BMP file that you want
to use as a background for the login dialog (Fig. 4.11
).

Figure 4.11: To specify the custom logo displayed at login time, edit the
Wallpaper value under HKEY_USERS\.DEFAULT\Control Panel\Desktop
Note This tip will also work for Windows XP, but only if you disable the Welcome
screen, which by default, is enabled. To disable the Windows XP Welcome screen,
open the Control Panel window, start the User Accounts applet, click the Change
the way users log on or off option, and clear the Use Welcome screen checkbox.
Note that you can customize the Windows XP Welcome screen itself by adding or
removing user accounts to it. To do so, simply expand the
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Windologon\SpecialAccounts\UserList registry key. Add the
value REG_DWORD data type, name it as required, and set the value to 0. This
account will be hidden from the Welcome screen. If you want to make the account
visible again set the value to 1, and it will appear on the Welcome screen. For
example, if you want the Administrator account (which is hidden by default) to
appear on the Welcome screen, create the REG_DWORD value, name it

To specify the text for the title bar caption, select the Interactive logon: Message
title for users attempting to log on option.
Chapter 10
contains more detailed information on using system policies.
Adding a Custom Logon Banner by Editing the Registry Directly
To specify a custom logon banner by direct registry editing, proceed as follows:
1. Open the
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersio
n\WinLogon key.
2. Find the LegalNoticeCaption value entry. Edit its value to specify the phrase that
will be displayed as the caption in the custom-message box.
3. Next, open the LegalNoticeText value entry and edit its value to specify the text of
your custom message.

Not
e
In Windows XP and Windows Server 2003, the LegalNoticeCaption and
LegalNoticeText values were moved to the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\pol
icies\system. These are the registry values that are set when you use Local Security
Policy or Default Domain Controller Security Settings snap-ins. Values with the
same names also exist under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\
WinLogon. However, the LegalNoticeCaption and LegalNoticeText Values Under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\pol
icies\system have priority, and if they are set, the values under the Winlogon registry
key will have no effect.
Automating the Logon Process
In contrast to Windows 9x/ME, the logon procedure used in all Windows NT-based
operating systems is an integral part of the security subsystem. However, there may be

Note Note that the AutoAdminLogon is a REG_SZ type value entry, not a
REG_DWORD registry value entry. Also note that, in order to enable automatic
logon, you need to disable the Interactive logon: Do not require
CTRL+ALT+DEL Local Security Setting (Fig. 4.13
).

Figure 4.13: To enable automatic logon, the Interactive logon: Do not require
CTRL+ALT+DEL local security setting must be disabled
Hiding the Last User Name Logged On
In the previous section, we discussed a setting that weakens your security system and
exposes it to risk. Now we are going to discuss a method that will allow you to strengthen
security. When the standard Windows NT/2000/XP or Windows Server 2003
configuration is used, the system displays the name of the user who last successfully
logged. If you hide this name, the security rules will become more restrictive, since
guessing both the user name and password is more difficult. This customization is one of
the most frequently made. As you can guess, it also requires that you to add a new value
to the registry. To hide the user name from the last log on, proceed as follows:
1. Run Regedit.exe and open the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\p
olicies\system.
2. Add the DontDisplayLastUserName value and specify the REG_DWORD data
type for it.
3. Set this entry to 1. When you next log on to the system, the name of the user who
logged on last won't be displayed. If you need to disable this feature later, set this
value to 0.

Note You can carry out the same task using MMC snap-ins to edit the Interactive
Logon: Do not display last logged on user name local security setting. Note
that the same effect can be produced by setting a value with the same name under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersi