Friday, January 8, 2010

Creating hidden accounts on a XP Box

Others want to log in to XP under your name?
Need to have an account under the radar?

Whatever the need, note it can be done!

The problem is that user accounts always show up on the welcome screen on XP. Our goal is to hide them from there using a simple Windows registry tweak. This tweak requires an existing account, so use one thats already there or create a new one. I would recommend the later!

Now go into the Registry (click on "start" > "Run" and type "Regedit" (without quotes) and hit enter).

Now go to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList

Now right-click on the pane on the right and create a new DWORD. Make the name from "New Value #1" to the same as the AccountName you wish to hide. Example: if I wanted to hide an Account called StealthyMoFo, the DWORD Name would be StealthyMoFo.

Now double-click on the name and set the data value:

0 to hide it
1 to make it visible

Now exit the registry and reboot the machine for this to take effect.

To logon using this new account, when you see the welcome screen, hold down "ctrl+alt" and hit delete twice. this should take you to a normal username\password prompt like Windows 2000. Enter the name and password of the hidden account to log on.


Two Side Notes:

  • This can be used to also force the Administrator account to show up on the welcome screen as it does in safe mode.
  • Your hidden account will still have a folder under Documents and Settings. So if someone see's it, they might suspect something. Try to use something that sounds like it might belong there like "RemoteService" or "DotNet" or "Admin". Most people wouldn't rise an eyebrow as those would seem like normal application/User accounts.