When logging into your Windows PC, you may be tempted to use automatic logins, which store your password on your PC and any program that has admin access can see it. Sure, it’s more convenient, but you do open up holes in your PC if you use it.
This is especially important if you log in via a Microsoft account, or use the same passwords for all your other accounts. With that said, let’s look at the worst way to log in.
Never Use the Registry Hack
The old way to login was with the registry hack. This involved changing around the registry code to allow you to log in automatically. You would enter your password into the registry, in plaintext, and this would mean that anyone who could look at the registry could see your password.
But Other Ways Aren’t Better
Every time your computer starts up, you can set it so it automatically logs on. To do this, you must use netplwiz, a tool that you have to find through inconvenient means. Once you open this tool up, you must enter a username and password. Once you do that, Windows will sign you in automatically whenever you boot up the PC.
Windows will not store your information through your registry, so that’s better. Instead, it will keep your password as an LSA Secret. This does not store it in plaintext, allowing you to have some peace of mind that your password is safe. This means that it will take a powerful program to find your password.
However, if a program has admin access, finding the password is easy to decrypt. A few programs can allow them to see LSA secrets, including your passwords.
The Importance of Password Depends
If you have a home PC, and have nothing to keep secret, you don’t have to worry about your password too much. If your password is simple, like 1234, programs can see your password, along with everyone else, but can only access your computer. Same thing if you’re using your PC like a kiosk.
But many people will use passwords that apply to all their accounts. After all, keeping every password different is annoying, so many have a master password for everything. If you are going to use a master password, putting it as your PC password is a problem, as once they see that password, they could use it to access your personal files.
Logging In Doesn’t Have to Be Hard
Modern versions of Windows, thankfully, don’t have to have a complex password to log in. You can use a PIN instead to log in, or use a password that’s a picture. Fingerprinting, webcam, and voice access are also a few other options.
Also, new computers do boot quickly, so you don’t have to worry too much with the computer taking a long time. Stop using so many startup programs or use a PC with a solid-state drive if the computer is taking a long time.
Overall, automatic logins are not a good idea if you want to stay safe. If entering a password is annoying, use a simple password and not one you use for other accounts. Also, avoid Microsoft accounts and instead use a local account, which will prevent your password from being stored online. If you do this, you can automatically log in without worrying too much. But if you’re really concerned about your security, don’t do it at all.