Disable Logon to Windows Computers When Not Connected to a Domain



The default behavior in Windows when connecting to a domain is to cache the domain credentials locally so that they can be used to login even when the domain isn’t available. You can set this value to 0 in order to disable logons to the computer while not connected to the domain.

Note that this will only work for computers that are configured to login to a domain, not for Home editions.

Disable Cached Logons

Open up regedit.exe through the start menu search or run box, and then navigate down to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon


On the right-hand pane you’ll see a key called cachedlogonscount, which you can change to 0 in order to disable logging in when not connected to the domain.

This should work on either Vista or XP.

Read 95 times
Dylan Austin


Whenever I have a problem, I sing. Then I realize my voice is worse than my problem.

We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…