Screen saver grace period bypasses password protection (221784)


The information in this article applies to:

  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Datacenter Edition
  • Microsoft Windows Small Business Server 2003, Standard Edition
  • Microsoft Windows Small Business Server 2003, Premium Edition
  • Microsoft Windows XP Professional
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Small Business Server 2000
  • Microsoft Windows NT Workstation 4.0
  • Microsoft Windows NT Server 4.0
  • Microsoft Windows NT Server, Enterprise Edition 4.0
This article was previously published under Q221784
Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry

SYMPTOMS

After you configure your computer to use a screen saver with a password, and after the screen saver has started, you may be able to bypass the password security and unlock the computer by pressing a key or by moving the mouse.

CAUSE

There is a delay between the time that the screen saver locks the computer and the time that the password protection is established. During this interval, you can use a key press or mouse movement to unlock the computer without having to type the password.

RESOLUTION

Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

Windows NT 4.0 and Windows 2000

To resolve this problem in Microsoft Windows NT 4.0 and in Microsoft Windows 2000, reduce the screen saver password registration interval in the registry. To do this:
  1. Click Start, click Run, type regedt32, and then click OK.
  2. On the Windows menu, click HKEY_LOCAL_ MACHINE on Local Machine.
  3. Double-click the \Software\Microsoft\Windows NT\CurrentVersion\Winlogon folder.
  4. On the Edit menu, click Add Value, type ScreenSaverGracePeriod, click REG_SZ in the Data Type box, and then click OK.
  5. Type a number representing the password activation delay (in number of seconds) in the Data box, and then click OK. You can enter any whole number between 0 and 2,147,483. The default entry is 5. If you use an entry of zero, there is no password protection delay.
  6. Quit Registry Editor, and then restart the computer.

Windows XP and Windows Server 2003

To resolve this problem in Microsoft Windows XP and in Microsoft Windows Server 2003, reduce the screen saver password registration interval in the registry. To do this:
  1. Click Start, click Run, type regedt32, and then click OK.
  2. Locate and then click the following registry subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

  3. On the Edit menu, point to New, and then click String Value.
  4. Type ScreenSaverGracePeriod, and then press ENTER.
  5. Double-click ScreenSaverGracePeriod.
  6. Click Decimal under the Base heading, and then enter a number in the Value data box that represents the password activation delay in seconds.

    You can enter any whole number between 0 and 2,147,483 (approximately 24 days). A value of zero indicates no password protection delay. There is no default entry.
  7. Click OK, and then exit Registry Editor.
Modification Type:MinorLast Reviewed:10/4/2006
Keywords:kbenv kbprb KB221784
©2004 Microsoft Corporation. All rights reserved.