Hiding user information when computer is locked

Secure environments demand certain requirements that are aimed at reducing the risks of unauthorized access to resources. Among the many security policies that are implemented in Windows environments we find policies that force workstations to lock a user session after a period of inactivity. In high secure environments where workstations access is controlled by rigorous measures, the display of user information such as, domain names and user names when the workstation is locked may not be desired. This would facilitate the life of someone trying to break into a system by just guessing the user password instead of the full user credentials.

A Windows Group Policy allows what to display when a user session is locked. In fact, you can allow the default setting that displays user names and domains, display just the user friendly name or hide all user information.

  1. To configure this policy setting for Windows 7 computers, open the Local Group Policy Editor snap-in by typing gpedit.msc in the Start search text box and press enter.
  2. Go to Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options node.
  3. Double click Interactive logon: Display user information when the session is locked, under Policy in the right hand side pane.
  4. Select one of the options from the drop down box.
  5. Click Apply and then OK.

Note, that some users may not be aware of their full login credentials (including domain name) when presented with this security option.