Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,171 questions
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I was playing with AutoLogon.exe for the first time today and was testing the security around the DefaultPassword. I have found tools that can easily decrypt the password, but that weak security is known.
What I wonder though, is if it is known that when using AutoLogon to disable the auto logon, it appears it does not REMOVE the previously stored encrypted password. That's a bit of a concern.
Further, at this point I do not know a way to clear this out. I tried setting a bogus password, but it seems AutoLogon first validates the username/password before it will store it.