Making the Win9x/ME login more secure(sort off).
--------------------------------------------------------------

This "securing" is lame but I don't think you can make Win9x/Me
login more "secure", heck if you want a secure loginsystem you
just don't use Win9x/Me.
Hope this isn't a piece of crap, as it is my first tutorial and English is not my native language.

Important:
-You cannot make the Win9x/ME login system secure, but you can stop ordinary users from bypassing the login system.
-Watch out when editing the registry, you can cause problems that may require to re´nstall your operating system.
If everything is done correctly there shouldn't be any problems.

1. Force users to logon

Normally you can just press "Cancel" when the Logon box appears and access the computer. This registry edit will logout the user if the user clicks cancel.

Bring up the control panel -> users and setup your computer for
multiple users.

While logged in open your registry (Start -> Run -> regedit) expand the
[HKEY_USERS] key, there should be several sub-folders including .DEFAULT and
one named to the username you just created. Expand the .DEFAULT key
-> Software -> Microsoft -> Windows -> CurrentVersion -> Run
If this "run" key doesn't exist yet, create it.

Create a new String Value:
Name: NoLogon
Data: "RUNDLL32 shell32,SHExitWindowsEx 0"


You can also achieve the same result by doing this:
Open registry and go to key: [HKEY_LOCAL_MACHINE\Network\Logon]

Create/modify a (new) DWORD value:
Name: MustBeValidated
Value: 1
Base: hexadecimal

This normally prevents network logon bypassing but it also works for standard Windows Logon.
I use this second method.

2. Making it harder for users to find/delete your password file and thus accessing the computer.

Find the .pwl file (in C:\windows) corresponding with your username([username].pwl) and rename
it to something like ad.exe so nobody will think it's a password file. You may also want
to hide the file(right click it -> Properties -> Hidden).

Open system.ini (it's in C:\windows) and scroll down until you find the line [Password Lists].
Below it you see all the usernames created on your computer.
For example:
User1=user1.pwl
User2=user2.pwl
Suppose you renamed user1.pwl to ad.exe; just change
User1=user1.pwl to User1=ad.exe

-----------------------------------------------------------------------------
As you noticed a user can still easily find out what the password file is and delete it but this will stop most users from doing so.
-----------------------------------------------------------------------------