Enable, Disable Secure Logon in Windows 8

One way of adding an additional layer of security to your Windows computer is by enabling secure logon. By enabling secure logon, users are required to press Ctrl+Alt+Del before they can enter their credentials and log on.

Secure logon – Ctrl+Alt+Del

Secure logon offers a  keystroke sequence that cannot be intercepted by any application. When secure logon is enabled, no other malicious program can intercept your user name and password as you enter it. (NOTE: Please read comment below).

Pressing Ctrl+Alt+Del ensures that the authentic Windows logon screen appears. To enable secure logon, open Run, type netplwiz and hit Enter to open the User Accounts properties box.


Open the Advanced tab, and check Require users to press Ctrl+Alt+Delete. Click Apply/OK > Exit. Now the next time to logon you will see your Windows 8 lock screen with the following display in the top-left corner.


Pressing Ctrl+Alt+Del will allow you to enter your Windows logon password.

If you wish, you can also enforce this policy, using the Local Security Policy.  To do so, Run secpol.msc and hit Enter.


In the  left pane, select Local Ploicies > Security Options. Now in the right pane, double click on Interactive logon: Do not require CTRL+ALT+DEL.

This security setting determines whether pressing CTRL+ALT+DEL is required before a user can log on. If this policy is enabled on a computer, a user is not required to press CTRL+ALT+DEL to log on. Not having to press CTRL+ALT+DEL leaves users susceptible to attacks that attempt to intercept the users’ passwords. Requiring CTRL+ALT+DEL before users log on ensures that users are communicating by means of a trusted path when entering their passwords. If this policy is disabled, any user is required to press CTRL+ALT+DEL before logging on to Windows.


Enable or Disable the policy as per your requirement, click Apply/OK and Exit.

By default the policy is enabled on Windows 8 domain-computers, and disabled on Windows 7 or earlier. domain-computers. The policy is enabled by default on stand-alone computers.

Microsoft has also released a Fix It that lets you easily enable or disable the Ctrl+Alt+Del sequence for logging. You can download from KB308226.

Posted by on , in Category Windows with Tags
Anand Khanse aka HappyAndyK is an end-user Windows enthusiast, a Microsoft MVP in Windows, since 2006, and the Admin of TheWindowsClub.com. Please create a System Restore Point before trying out any software & be careful about any third-party offers while installing freeware. Add me on Google+.
  • http://about.me/michaelmknight Michael Knight

    You mentioned “Secure logon offers a keystroke sequence that cannot be intercepted by any application.” That’s not quite true. If you use remote software like TeamViewer you can select to send a Ctrl+Alt+Del command to the remotely connected PC. It can also be done via a sctipt or a dos regedit meaning that it can be bypassed by a trojan or virus.

  • http://www.thewindowsclub.com Anand Khanse

    I refered this post: http://blogs.msdn.com/b/larryosterman/archive/2005/01/24/359850.aspx

    I suppose this would also be possible, if one were to Enable the Software Secure Attention Sequence policy, right?

    Thanks for posting the comment. I will qualify my statement in the post.

  • http://about.me/michaelmknight Michael Knight

    Hi Anand. That could prevent access yes, though a lot of remote software these days may be running as a Windows service and if SAS disables access to the input command such as C-A-D then great, if not then the service will have to be stopped too. As for getting access for many remote IT Staff, then a group policy script may have to be run to grant access to any machines needing remote support, and that’s quite a lot these days.Still, a great post. You guys always have great articles.

  • Recent Comments