Why don't you have to press CTRL+ALT+DEL to logon anymore in Windows 8?

windows windows-8 security login
6,066

Solution 1

I do not believe this was enforced by default in earlier windows versions either. There is a group policy setting you can use to enforce this.

Computer Configuration - Windows Settings - Security Settings - Local Policies - Security Options - Interactive Logon: Do not require CTRL+ALT+DELETE

disable that and you will be required to press ctrl+alt+delete.

same procedure for a domain gpo or standalone. I still turn this on in my home as a default security practice for the reasons you mentioned above.

Solution 2

Twisty's comment is correct, the accepted answer is not.

You can test if you like. Create a fresh AD domain and two fresh installs of Windows, one Windows 8 or newer and one Windows 7 or older. Before domain join, neither OS will require CAD/SAK/SAS. After domain join, Windows 7 will require it and Windows 8 will not. It is not due to group policy, if you do happen to explicitly apply this setting via GPO as described in the accepted answer, then you will see that all Windows versions will require CAD/SAK/SAS.

MCSA in 2012 R2

Share:
6,066

Related videos on Youtube

Mike Christensen
Author by

Mike Christensen

Updated on September 18, 2022

Comments

  • Mike Christensen
    Mike Christensen over 1 year

    In previous versions of Windows, you had to press Ctrl + Alt + Delete to logon, or to unlock a locked workstation. This was because this key sequence was recognized only by the OS and thus other software couldn't intercept it and display a spoofed logon screen to capture passwords.

    Starting with Windows 8, you now just have to press Enter to get to the logon screen.

    What is to stop someone from writing a fake logon screen? Did Windows 8 add some sort of new security mechanism to mitigate this security issue?

    • Ramhound
      Ramhound about 10 years
      It was always handled by a domain policy. You can configure Windows XP through Windows 8.1 to require authentication or automatically log into a specific user if you want.
    • Mike Christensen
      Mike Christensen about 10 years
      @Ramhound - I'm looking for this setting (In Windows 8.1) but cannot find it anywhere.. Are you sure?
  • Mike Christensen
    Mike Christensen about 10 years
    Found it! You have to run netplwiz, then go to the Advanced tab and check the Enable Secure Logon checkbox.
  • driz
    driz about 10 years
    is the end result between using netplwiz and the GPO different? Presumably they are the same; but I don't think you can enforce a setting in netplwiz across a domain. glad you found it!
  • Mike Christensen
    Mike Christensen about 10 years
    I couldn't find anything called Computer Configuration on my machine, so I didn't try your way.
  • driz
    driz about 10 years
    ah, it's under the local group policy editor; gpedit.msc; for a domain, it is gpmc. I apologize for the lacking response!
  • Mike Christensen
    Mike Christensen about 10 years
    Ah no problem. I got it figured out anyway.
  • chwi
    chwi almost 10 years
    @MikeChristensen whats up with that? You got it figured out? Please dont accept an answer because you found your own way of doing it, or add information in the comment that tells us something about what the solution was.
  • I say Reinstate Monica
    I say Reinstate Monica almost 9 years
    I do not believe this was enforced by default in earlier windows versions.... Correct for non-domain joined computers and all Home editions of Windows. The default configuration of domain-joined computers in prior versions was to require the CAD sequence.
  • Syberdoor
    Syberdoor about 6 years
    You are right, however this is not really an answer to the question why this was changed. Do you happen to know? I am guessing it has something to do with more keyboardless tablets and more biometric methods via hello that they found it to be inconvenient but I have not found any source so far.
  • escuelle
    escuelle about 6 years
    Probably because it was regarded as a simply security feature that was more complex than it needed to be. cnn.com/2013/09/26/tech/innovation/…

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

The folder C:\users has suddenly gone
Is it possible to require a TOTP on Windows Login using existing or custom software?
Is there a way to limit Windows so only one user can be logged on at a time? Windows 8
How to turn Windows domain account to a local account
Should I use a login banner and if so, what should it say?
windows-8 : Certain process running under username "DWM-1" and "ANONYMOUS LOGON"
Disable auto-lock on inactivity
Is the UAC level in Windows per individual user?
How to run specific program with root privileges (Ubuntu OS) when no sudo user log into system?
Rewrite login_check functionality in Symfony