Enable, Disable Secure Logon in Windows 10/8

One way of adding one more layer of security to your Windows computer is by enabling secure logon. By enabling secure logon, users are required to press Ctrl+Alt+Del before they can enter their credentials and log on.

Secure logon – Ctrl+Alt+Del

Secure logon offers a  keystroke sequence that cannot be intercepted by any application. When Secure Logon is enabled, no other malicious program can intercept your user name and password as you enter it. (NOTE: Please read comment below).

Pressing Ctrl+Alt+Del ensures that the authentic Windows logon screen appears. To enable secure logon, open Run, type Control Userpasswords2 or netplwiz and hit Enter to open the User Accounts Properties box.


Open the Advanced tab, and in the Secure logon section, click to clear the Require users to press Ctrl+Alt+Delete check box if you want to disable the CTRL+ALT+DELETE sequence. Click Apply/OK > Exit.

Now the next time to logon you will see your Windows 8 lock screen with the following display in the top-left corner.


Pressing Ctrl+Alt+Del will allow you to enter your Windows logon password.

Read: How to display information about previous logons in Windows.

Disable CTRL+ALT+DELETE using Group Policy

If you wish, you can also enforce this policy, using the Local Security Policy.  To do so, Run secpol.msc and hit Enter.

disable Secure Logon

In the left pane, select Local Policies > Security Options. Now in the right pane, double click on Interactive logon: Do not require CTRL+ALT+DEL.

This security setting determines whether pressing CTRL+ALT+DEL is required before a user can log on. If this policy is enabled on a computer, a user is not required to press CTRL+ALT+DEL to log on. Not having to press CTRL+ALT+DEL leaves users susceptible to attacks that attempt to intercept the users’ passwords. Requiring CTRL+ALT+DEL before users log on ensures that users are communicating by means of a trusted path when entering their passwords. If this policy is disabled, any user is required to press CTRL+ALT+DEL before logging on to Windows.

Disable CTRL+ALT+DELETE using Group Policy

Enable or Disable the policy as per your requirement, click Apply/OK and Exit.

By default, the policy is enabled on Windows 8/10 domain-computers, and disabled on Windows 7 or earlier. The policy is enabled by default on stand-alone computers.

Disable Secure Logon using Registry

Open Registry Editor and navigate to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

In the right pane, right-click on DisableCAD and click on Modify.

  • To Disable Secure Logon, type 1.
  • To Enable Secure Logon, type 0.

Microsoft has also released a Fix It that lets you easily enable or disable the Ctrl+Alt+Del sequence for logging. More on that here at this post titles enable or disable CTRL+ALT+DELETE requirement for logon.

Posted by on , in Category Windows with Tags
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.


  1. You mentioned “Secure logon offers a keystroke sequence that cannot be intercepted by any application.” That’s not quite true. If you use remote software like TeamViewer you can select to send a Ctrl+Alt+Del command to the remotely connected PC. It can also be done via a sctipt or a dos regedit meaning that it can be bypassed by a trojan or virus.

  2. I refered this post: http://blogs.msdn.com/b/larryosterman/archive/2005/01/24/359850.aspx

    I suppose this would also be possible, if one were to Enable the Software Secure Attention Sequence policy, right?

    Thanks for posting the comment. I will qualify my statement in the post.

  3. Hi Anand. That could prevent access yes, though a lot of remote software these days may be running as a Windows service and if SAS disables access to the input command such as C-A-D then great, if not then the service will have to be stopped too. As for getting access for many remote IT Staff, then a group policy script may have to be run to grant access to any machines needing remote support, and that’s quite a lot these days.Still, a great post. You guys always have great articles.

  4. Daniel Abbott

    Well, you would know as it wouldn’t come up with press Ctrl-Alt-Del to log on message…

  5. Cory Mayer

    You can send a Ctrl+Alt+Del with another program but the idea is that other programs can’t act on it. If it were a malicious login screen then the “task manager/ctr+alt+del screen” would hopefully come up.

  6. There’s also the Sticky Keys method too!

Leave a Reply

Your email address will not be published. Required fields are marked *

4 + 7 =