Is it known that AutoLogon.exe does not remove the DefaultPassword from the LSA Secrets store / Registry?

McDonald, Matthew 216 Reputation points
2024-05-03T16:24:04.3366667+00:00

I was playing with AutoLogon.exe for the first time today and was testing the security around the DefaultPassword. I have found tools that can easily decrypt the password, but that weak security is known.

What I wonder though, is if it is known that when using AutoLogon to disable the auto logon, it appears it does not REMOVE the previously stored encrypted password. That's a bit of a concern.

Further, at this point I do not know a way to clear this out. I tried setting a bogus password, but it seems AutoLogon first validates the username/password before it will store it.

Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,171 questions
0 comments No comments
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.