New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security issue with autologon #28

Open

xenon8 opened this issue Jan 24, 2020 · 1 comment

xenon8 commented Jan 24, 2020

Hi,

Looking into the code for this function, it would suggest that the password for the user is written into the registry in plain text.

Which would mean that anyone with access to this registry key would have the password.

The AutoLogon application by SysInternals does not do this, could a similar approach be used? where the password is encrypted?

Contributor

jdavisp3 commented Jan 25, 2020

Possibly, if you figure it out patches are welcome.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment