How to Hide the Last Signed-In User on the Login Screen on Windows 11
🔍 WiseChecker

How to Hide the Last Signed-In User on the Login Screen on Windows 11

by

Quick fix: Open Group Policy Editor (gpedit.msc). Navigate to Computer Configuration → Windows Settings → Security Settings → Local Policies → Security Options. Find Interactive logon: Do not display last signed-in. Set to Enabled. Click OK. Sign out and in. Login screen no longer shows the last user’s name and avatar; both username and password required.

By default, Windows 11’s lock screen shows the last signed-in user’s name and avatar. Useful for one-user PCs. For shared / corporate / public PCs, this leaks the username. Group Policy hides this. Each sign-in requires both username and password.

Symptom: Want to hide the last signed-in user’s name on Windows 11 lock screen for privacy/security.
Affects: Windows 11 Pro/Enterprise/Education.
Fix time: ~5 minutes.

ADVERTISEMENT

What causes this need

The default display of last user is convenient: just type password. But:

  • Reveals user account to anyone seeing the screen.
  • For shared PCs, defaults to wrong user.
  • Corporate compliance may require username privacy.
  • Useful in environments where attackers might brute-force a known username.

Method 1: Enable via Group Policy

The standard route.

  1. Open Group Policy Editor: Win+R → gpedit.msc.
  2. Navigate: Computer Configuration → Windows Settings → Security Settings → Local Policies → Security Options.
  3. Find Interactive logon: Do not display last signed-in. Double-click.
  4. Set to Enabled. Click OK.
  5. Optional: also enable Interactive logon: Don’t display username at sign-in. Hides current user’s name during password entry.
  6. Run Command Prompt → gpupdate /force.
  7. Sign out. Lock screen now shows generic prompt: “User name” and “Password” fields. Username and password required.
  8. For domain accounts: enter as DOMAIN\username or username@domain.

This is the standard fix.

ADVERTISEMENT

Method 2: Registry equivalent for Home edition

For Windows 11 Home (no Group Policy).

  1. Open Registry Editor as Admin.
  2. Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
  3. Find or create DWORD: dontdisplaylastusername. Value: 1.
  4. Also create DWORD: DontDisplayLockedUserId. Value: 3 (hides both username and full user info).
    • Value 1: show user info.
    • Value 2: show username only.
    • Value 3: hide both.
  5. Close Registry Editor.
  6. Sign out and sign back in.
  7. Login screen prompts for username + password without last user info.
  8. To revert: set values back to 0 or delete the DWORDs.

This is the Home-edition path.

Method 3: Lock screen and welcome customization

For additional privacy.

  1. For full clean lock screen: Settings → Personalization → Lock screen. Untick Get fun facts, tips, and more from Windows and Cortana on your lock screen.
  2. For app notifications: untick apps from Choose which apps show quick status.
  3. For privacy on the welcome screen at boot: this is separate from lock screen. Same Group Policy applies to both.
  4. For BitLocker recovery key prompt visibility: BitLocker shows on boot anyway; not affected by username hiding.
  5. For audit/compliance: log login attempts with Event Viewer → Security log. Failed logins are tracked.
  6. For specific user accounts visible: by default, all enabled accounts show on first boot. Disable specific users to hide them: net user "username" /active:no.
  7. For removing recently-signed-in accounts list: registry HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\UserSwitch → Enabled DWORD = 0.

This is the broader privacy approach.

How to verify the fix worked

  • Sign out. Lock screen shows generic Username and Password prompts.
  • No avatar shown.
  • Need to type username on every sign-in.
  • Multiple-user PCs: no list of users visible (must know each username).

If none of these work

If username still shows: Group Policy not applied: gpresult /h C:\report.html to verify. Look for the policy in report. For Microsoft account login: shows email address. Inevitable unless you switch to local account. For Windows Hello PIN / face / fingerprint: shows user even if username hidden. The Hello prompt knows who you are. For domain PCs: corporate policy may override individual setting. Contact IT. For Insider builds: registry path may shift slightly. Check current build documentation. For accessibility tools: Narrator, Magnifier may speak username aloud. Adjust accessibility settings. For kiosk mode: separate from this; use Assigned Access feature for kiosks.

Bottom line: gpedit.mscInteractive logon: Do not display last signed-in = Enabled. Or registry dontdisplaylastusername = 1 for Home. Lock screen will require username + password each time.

ADVERTISEMENT

← Back to WiseChecker HomeMore in Windows & PC

🔍 Recommended for You