I've been dealing with a frustrating issue on our Windows 11 machines where the last signed-in username keeps appearing after every reboot. We thought we could fix this by enabling certain security policies, specifically: 1) 'Interactive logon: Don't display last signed-in' and 2) 'Interactive logon: Don't display username at sign-in.' However, it continues to show the last username, which feels like a significant vulnerability. Any advice on how to resolve this?
5 Answers
The vulnerability comes from having usernames visible post-reboot, which these policies are supposed to prevent. It's worth looking at this from a compliance angle; I initially enabled it to meet security benchmarks but found it more inconvenient for users.
If you’re using Windows Hello for Business, it might be causing users to enter their usernames before selecting a PIN or biometric option. That could also lead to confusion around usernames appearing.
How are you enabling those policies? Just curious if you're using a specific tool.
You might want to consider why displaying the last username is a vulnerability in your setup. If accounts don’t have strong passwords or are too similar, that could be an issue. Just something to think about!
Make sure to audit your endpoints and confirm that the security policies are actually being applied correctly. Don’t just rely on the tool you’re using; double-check its effectiveness. You might need to dig deeper into the settings to see if anything else has to be tweaked.
From what I see, it looks like the keys are applied, and the policy is enabled in secpol. I'm not sure if there's anything else that needs tweaking on our end.
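One way to run the endpoint audit suggested in the answers above, as an added example that is not part of the original thread: it reads the registry values that back the two "Interactive logon" policies and compares them with the exported local security policy. The value names are the standard Windows ones for these policies; the function name and the export file name are chosen here for illustration, and the `secedit` step assumes an elevated PowerShell prompt.

```powershell
# Added example: confirm on the endpoint itself that both policies are in effect.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Policy display name -> backing registry value and the data that means "Enabled".
$expected = @(
    [pscustomobject]@{ Policy = "Interactive logon: Don't display last signed-in"
                       Name = 'DontDisplayLastUserName'; Want = 1 }
    [pscustomobject]@{ Policy = "Interactive logon: Don't display username at sign-in"
                       Name = 'DontDisplayUserName'; Want = 1 }
)

# Test-LogonPolicy is a hypothetical helper name, not a built-in cmdlet.
function Test-LogonPolicy {
    param([string]$Path, [object[]]$Checks)
    foreach ($c in $Checks) {
        # A missing value is reported as "<not set>" instead of raising an error.
        $item   = Get-ItemProperty -Path $Path -Name $c.Name -ErrorAction SilentlyContinue
        $actual = if ($null -ne $item) { $item.($c.Name) } else { $null }
        [pscustomobject]@{
            Policy    = $c.Policy
            ValueName = $c.Name
            Actual    = if ($null -eq $actual) { '<not set>' } else { $actual }
            Expected  = $c.Want
            Compliant = ($actual -eq $c.Want)
        }
    }
}

Test-LogonPolicy -Path $key -Checks $expected | Format-Table -AutoSize

# Cross-check against the effective local security policy (run elevated).
$cfg = Join-Path $env:TEMP 'secpol-export.inf'   # illustrative file name
secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null
Select-String -Path $cfg -Pattern 'DontDisplayLastUserName|DontDisplayUserName'
Remove-Item $cfg
```

If the registry and the export disagree, or a value reverts after `gpupdate /force`, a domain GPO or management tool is likely overwriting the local setting; `gpresult /h report.html` shows which policy object wins.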