125

I have an HTPC with a user that has no password and autologin.

I want to be able to connect to it via Remote Desktop without a password, so I can login with the original user. (I don't want to add another user just for the mstsc)

Is there a way of doing that?

The OS is Windows 7, 32bit.

Am.
  • 1,716
  • 2
  • 12
  • 10

2 Answers2

170

Yes, this is possible.

By default, Windows will not allow the logon over a network with a blank password. There is a KB article that details how to allow blank passwords for network logons.

You can disable blank password restrictions by using a policy. To locate and change this policy:

  1. Click Start, point to Run, type gpedit.msc, and then click OK to start the Group Policy Editor.
  2. Open Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Accounts: Limit local account use of blank passwords to console logon only.
  3. Double-click Limit local account use of blank passwords to consol logon only.
  4. Click Disabled, and then click OK.
  5. Quit Group Policy Editor.

NOTE: By default, this policy is on (enabled).

Under the cover, in Registry, this is controlled by 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"LimitBlankPasswordUse"=dword:00000000

Therefore, alternatively, this can be achieved by directly setting LimitBlankPasswordUse to 0. Setting it to 1 will restore the default behavior.

After you have enabled this, you will be allowed to log on using a blank password.

Community
  • 1
William Hilsum
  • 116,650
  • 19
  • 182
  • 266
  • I also have the same requirement. I am connecting to windows 2003 server machine from windows 7 machine using 'mstsc'. I have disabled the option "Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Accounts: Limit local account use of blank passwords to console logon only". But still it prompting for password. Any suggestions please? Thanks –  Dec 15 '11 at 10:04
  • This is also a possible fix for the 0x80090304 authentication error using RDP. (Same problem, it just depends on whether you're connecting with NLA or without.) – RobinHood70 Oct 16 '14 at 19:21
  • +1; confirmed on windows 8 as well. – Jossef Harush Kadouri Dec 26 '15 at 19:26
  • I beg to differ. We didn't have this enabled and someone got in via port forwarding and logged into an account with a blank password. – user2924019 Mar 01 '18 at 10:23
  • Worked on a Win10 installation that didn't have `gpedit.msc`. Changed the registry key and didn't even need to reboot :D – Fusseldieb May 29 '21 at 08:16
5

I believe the setting should be DISABLED as the explanation here seems to indicate:

This security setting determines whether local accounts that are not password protected can be used to log on from locations other than the physical computer console. If enabled, local accounts that are not password protected will only be able to log on at the computer's keyboard.

Default: Enabled.

So, by disabling it, you can then log on using no password.

Community
  • 1
furball zen
  • 51
  • 1
  • 1
  • What setting? This answer should standalone and nor refer to another answer to this extent. Please edit it to complete it. – Rohit Gupta Aug 01 '23 at 11:29