Q: By default, Windows displays a user’s account information when the user locks his Windows desktop. Is there some way to change this behavior and hide account information from the Computer Locked dialog box?

A: Yes, this behavior can be changed using a registry hack. In a Windows domain environment, you can also use a Group Policy Object (GPO) setting.

 The GPO setting is called Interactive Logon: Display User Information when the session is locked and is located in the following GPO container: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options. When you enable this setting, you can set one of these three options:

  • User display name, domain and user names—corresponding to registry value 1
  • User display name only—corresponding to registry value 2
  • Do not display user information—corresponding to registry value 3

 The corresponding registry key is called DontDisplayLockedUserId (REG_DWORD) and is located at HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System. To hide the account information from the Computer Locked dialog box, set this registry key to a value of 3.

 A side effect of hiding the account information from the Computer Locked dialog box is that when you try to log in to a locked machine, Windows won't show the name of the user who's currently logged on in the logon dialog box. To unlock your logon session, you must type your password and retype your account name.