Stopping the Windows 9x Login

What...

Microsoft Windows 9x (Windows 95, Windows 98) have a bizarre feature: It wants the user to login to Windows before it will let the user use it.  While this initially looks like a good security option, it is a pathetic joke -- a simple tap of the ESC key will get you past it.  If using a network, this can result in MULTIPLE login requests -- the first one from the network client, the second from Windows if the passwords don't match.
 

Why...

If you were thinking I was going to explain Microsoft's logic here, no.  Even if I cared to, I couldn't.  Security that can be evaded with the tap of one obvious key (or the click on the obvious "Cancel" button) is NOT security by anyone but Microsoft's definition.  Rather, I'm going to explain why you want to stop this idiot action. O.k., plenty of reason to disable this "feature".
 

How...

Much to my embarrassment, I only found the solution to this problem recently, and worse, it has been available for some time.  Microsoft published Knowledgebase Article Q140557 on this topic here:
    http://support.microsoft.com/support/kb/articles/q140/5/57.asp?id=Q140557

The relevant details are included here, in case Microsoft decides that with the release of XP, no one needs to worry about 9x anymore...

Add the following registry key, using REGEDIT:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\
             Network\DisablePwdCaching = 1

That's all one line, and the variable DisablePwdCaching is a DWORD value.

There are a couple other things that can be done to simplify this process:

Create a file with the following contents (between the lines):


REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Network]
"DisablePwdCaching"=dword:00000001



save it to a file with the extension of ".REG", and double click on this file.

Or, download and use this file.

While the above Knowledgebase article indicates this is for Windows 95, I have found it works well with Windows 98, as well.

I recommend the installation of this fix on all network connected machines.  After installing this fix, delete *.PWL from the C:\WINDOWS directory.  The truly security conscious might think I haven't gone quite far enough here, but then, the truly security conscious wouldn't be running Windows.
 

Holland Consulting home page
Contact Holland Consulting


since November 25, 2001

(C)opyright  2001, Nick Holland, Holland Consulting

Published: 11/25/2001
Revised: 11/25/2001