You may see the situation below when setting up multiple accounts on a Windows server:
Apart from it cluttering the login screen it is a clear security issue. I would also add that the Administrator account should always be renamed to something less obvious as a security best practice.
To remove any accounts from being displayed on the Windows login screen perform the following:
1. Click on Start > Run and enter secpol.msc and click on OK per the below:
2. Once the Local Security Policy snap-in has loaded open Local Policies, click on Security Options and then in the right pane double-click on Interactive logon: Do not display last user name:
3. Once it opens select Enabled and then click OK to apply the changes:
4. Logout, hit CTRL + ALT + DEL and then observe the shiny, uncluttered and significantly more secure login screen:
The steps above change a value in the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
The value in question is dontdisplaylastusername and is by default set to 0 (disabled):
To enable the setting open the dontdisplaylastusername value and change it to 1 and click OK to save the change:
Simply logout, hit CTRL + ALT + DEL and you will observe the setting is now enabled and no user accounts will be displayed on the login screen.
Finally, there is one more way to enable this setting. This method is my favourite because it is the coolest – PowerShell. Run the PowerShell command below to achieve the same result and the two previously mentioned methods:
Set-ItemProperty -Path "HKLM:Software\Microsoft\Windows\CurrentVersion\Policies\System" -Name dontdisplaylastusername -Value 1 -Type DWORD
All the steps/methods stated in this post apply to Windows Server 2003, Windows Server 2008, Windows Server 2008 R2 and Windows Server 2012.