I am reviewing a case where someone had configured their computer with an autologin feature. I have reveiwed the registry and the autologin is enabled and the default username is that individual's. There is no default password key located in the registry.
I am wondering:
1. How do I determine if that individual actually changed those key values?
2. How does it login with no default password? Is there another key that allows the login without a password?
3. Are there other artifacts that I should be looking for?
Any help would be greatly appreciated.