MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) Countermeasure: Do not configure the MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) entry except on highly secure computers, where it should be configured to a value of Disabled. The possible values for this registry entry are: ? 1 or 0. The default configuration is 0 (disabled). In the SCE UI, these options appear as: ? Enabled ? Disabled ? Not Defined Potential Impact: None. By default this entry is not enabled. Fix: (1) GPO: Computer ConfigurationAdministrative TemplatesMSS (Legacy)MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) (2) REG: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogon!AutoAdminLogon

[enabled/disabled]

(1) GPO: Computer Configuration\Administrative Templates\MSS (Legacy)\MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) (2) REG: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon!AutoAdminLogon