Windows 7: Auto-Login then Auto-Lock Desktop on a Domain-Connected "Work" computer

If address bar shows sites.google.com, then please click here for the preferred www.bricecenter.com address for this page.
© 2011 Brice Center (first posted 2/8/12 ► last updated 2/8/12)
I hate waiting for computers.  When I get into the office in the morning, I don't want to be slave to my computer, waiting for it to half-boot just so I can put in my password, and then wait some more while it finishes loading Windows.  So, I found a way around it.  My method allows for full password security, but lets the computer fully boot unattended. 

You just have to configure the computer to Auto-Logon, and then to Automatically Lock itself immediately after booting so that no unauthorized user can mess with your machine.  After this is configured, you just hit the power button, then go get a coffee.  When you get back, the machine is fully booted, but locked waiting for your password.  Just put in your password, and you're ready to go immediately.

This is a 3 step process.  You must create an (1) Auto-Lock shortcut, (2) configure Auto-Lock, and then (3) disable the Switch User Feature.  First the easy part...Auto-Lock after booting.

1. Configure Auto-Lock


Right click on your desktop.  Select New > Shortcut. 

When the wizard prompts you for a location paste this code:
%windir%\system32\rundll32.exe user32.dll, LockWorkStation

Then when it prompts you for a name, type "Windows Lock."

(If you are editing the shortcut after creation, paste the code above in the Target field on the Shortcut tab, and the name in the field on the General Tab)

Click OK.

Cut and paste this shortcut into your "Startup" folder under Start > All Programs > Startup.  Anything in the Startup folder will launch at startup, including your new Windows Lock shortcut.


2. Configure Auto-Logon

These instructions were adapted from this set of Microsoft instructions: http://support.microsoft.com/kb/315231

If your computer is a "work" computer connected to a domain:


You can use Registry Editor to add your log on information. To do this, follow these steps:

  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate the following registry key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
  3. Using your account name and password, double-click the DefaultUserName entry, type your user name, and then click OK.
  4. Double-click the DefaultPassword entry, type your password under the value data box, and then click OK.

    If there is no DefaultPassword value, create the value. To do this, follow these steps:
    1. In Registry Editor, click Edit, click New, and then click String Value.
    2. Type DefaultPassword as the value name, and then press ENTER.
    3. Double-click the newly created key, and then type your password in the Value Data box.
    Note: If the DefaultPassword registry entry does not exist, Windows automatically changes the value of the AutoAdminLogonregistry key from 1 (true) to 0 (false) to turn off the AutoAdminLogon feature after the computer is restarted.
  5. Double-click the AutoAdminLogon entry, type 1 in the Value Data box, and then click OK.

    If there is no AutoAdminLogon entry, create the entry. To do this, follow these steps:
    1. In Registry Editor, click Edit, click New, and then click String Value.
    2. Type AutoAdminLogon as the value name, and then press ENTER.
    3. Double-click the newly created key, and then type 1 in the Value Data box.
  6. Exit Registry Editor.
  7. Click Start, click Restart, and then click OK.
After your computer restarts and Windows starts, you can log on automatically.

If you want to bypass the automatic logon to log on as a different user, hold down the SHIFT key after you log off or after Windows restarts. Note that this procedure applies only to the first logon. To enforce this setting for future logoffs, the administrator must set the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon


Value:ForceAutoLogon
Type: REG_SZ
Data: 1

If your computer is a "home" computer not connected to a domain


You can also turn on automatic logon without editing the registry in Windows Home Edition and in Windows Professional on a computer that is not joined to a domain. To do this, follow these steps:
  1. Click Start, and type netplwiz into the search box.
    • (If that doesn't work, you could instead click Start, type Run into the search box, then in the Open box, type control userpasswords2, and then click OK.)
    Note When users try to display help information in the User Accounts window in Windows Home Edition, the help information is not displayed. Additionally, users receive the following error message:
    Cannot find the Drive:\Windows\System32\users.hlp Help file. Check to see that the file exists on your hard disk drive. If it does not exist, you must reinstall it.
  2. Clear the "Users must enter a user name and password to use this computer" check box, and then click Apply.
  3. In the Automatically Log On window, type the password in the Password box, and then retype the password in the Confirm Password box.
  4. Click OK to close the Automatically Log On window, and then click OK to close the User Accounts window.



3. Turn off the Switch User Feature.


You will then need to disable the "Switch User" feature.  If you don't then the Windows Lock screen will show the Switch User button, and if someone clicks it, they will automatically be logged in as you.

To do this follow one of these two tutorials (they both give basically the same methods, but give different extra bits of background info).