The Core Technologies Blog

Professional Software for Windows Services / 24×7 Operation

Q&A: Why Doesn’t AlwaysUp Accept My Login Credentials?

Posted on March 9, 2026
Why Doesn't AlwaysUp Accept My Login Credentials?
  I am test running your Always Up program on two computers to see if we like what it does. The first computer went very smoothly but I get a “Trouble Validating Account” error when saving the user on the second:

Trouble Validating Account error message

Everything looks right to me so what’s the problem? I am a member of the local Administrators group so it can’t be a permissions thing.

— Sam P

Hi Sam, thanks for trying AlwaysUp. Sorry that an error got in your way though!

After consulting with our team, we identified five conditions that could cause the trouble. Maybe one of them will apply to your situation.

So let’s review each potential reason — and finish off with an easy workaround to get you going again.

Reason #1: You’re not putting in a Windows account

Are you entering a Windows user name and password?

It may seem like a silly question, but you’d be surprised how many folks put in credentials for the application they’re trying to run with AlwaysUp.

To be clear: your Dropbox, OneDrive or Google Drive login information won’t work. You must provide a user name and password that logs you into your computer.

Reason #2: The account doesn’t have a password

For security purposes, AlwaysUp doesn’t support Windows accounts without a password. Your account must have that minimum level of protection.

If against all advice you would like to employ an account without a password, you won’t be able to enter it directly into AlwaysUp. You’ll have to resort to the workaround below.

Reason #3: The password is incorrect

By now you’ve surely double and triple checked that you’re entering the correct password for your Windows account. But have you considered any of the following possibilities?

Has someone else updated the password? If you’re working on a team, perhaps a colleague made a change recently.

Has the password expired? Many systems are configured to demand a new password every few days or weeks, and that can interfere with your use of the account.

Windows 11 password expired

Try logging in to the computer with your user name and password and see if Windows identifies any problems with the account. If you can’t log in interactively, AlwaysUp won’t be able to run your application in the account.

Reason #4: You’re missing the domain

Is your account in a Windows domain? If so, you must enter the domain name as part of your user name, usually in the standard DOMAIN\USER format.

For example, we have a user called “Mike Jones” on our systems and all accounts are in the “CTC” domain. Therefore, “CTC\Mike Jones” works in AlwaysUp:

Enter the domain name on the Logon tab

Reason #5: You’re entering a gMSA in AlwaysUp 16 or earlier

While earlier versions of AlwaysUp fully supported running in a gMSA, you could run into trouble configuring a gMSA.

The trouble would come up on the Logon tab, when AlwaysUp verifies the credentials you entered. If you left the password field blank (as you should for a gMSA) that would sometimes confuse the code because it expects each account to be properly secured (see reason #1). Inevitably, verification would fail and you couldn’t set your application to run in the gMSA.

The good news is that we fixed the problem in AlwaysUp version 17. You’ll be able to enter your gMSA just fine if you upgrade. And you’ll get many other goodies in the latest version too.

AlwaysUp 17 doesn't prompt for gMSA passwords

However, if upgrading isn’t an option, please execute the following workaround to apply your gMSA.

Workaround: Enter your credentials into Services.msc

Even though you cannot enter the account into AlwaysUp, all is not lost. The saving grace is that AlwaysUp creates true Windows Services — which you can manage with conventional administrative tools. And this time, the built-in Services application rides to the rescue.

To run your AlwaysUp application in a given account, step by step:

  1. First, in AlwaysUp, stick with the Local System Account for your application so that you don’t have to enter any credentials. To do so, uncheck the box at the top of the Logon tab:

    Run your application in the LocalSystem account

    Save your application in AlwaysUp. Afterwards, you’ll notice that your application’s Log On As column says “SYSTEM”, as it did for our “Transfer Files Python Script”:

    Python script set to log on as the SYSTEM account

    But don’t worry. We’ll soon set the correct account.

  2. Start the Services application (run “services.msc”).

  3. In the Services application, scroll the list to find the service that AlwaysUp created for your application. If your application is called “MyApp” in AlwaysUp, look for an entry called “MyApp (managed by AlwaysUpService)”.

    For example, you can see the entry for our “Transfer Files Python Script” application here:

    Python script windows service in Services.msc

  4. Double-click the service to open its properties.

  5. Switch to the Log On tab.

  6. Enter the user name and password of the account you’d like to use.

    To illustrate, we entered a gMSA on our server:

    Enter your credentials on the Log On tab

  7. Click OK to save your changes.

  8. Exit the Services application.

  9. Switch back to AlwaysUp. You’ll notice that your application’s Log On As column has been updated to show the new account:

    DESCRIPTION

And that’s it. At this point, you’re good to go. Thanks again for trying AlwaysUp and best of luck with your application!

You may also like...

Start Dropbox whenever your PC boots

Video: Start Dropbox whenever your PC boots

Q&A: Why can't AlwaysUp Open the Netman Service?

Q&A: Why can't AlwaysUp Open the Netman Service?

Q&A: Why doesn't Srvany Close my Application when I Stop the Service?

Q&A: Why doesn't Srvany Close my Application when I Stop the Service?

Posted in AlwaysUp | Tagged , , , , , | Leave a comment

AlwaysUp 17: Hang Protection, Enterprise Security Improvements & Much More

Posted on February 10, 2026
AlwaysUp 17: Hang Protection, Enterprise Security Improvements

AlwaysUp version 17 is now available to all customers.

While the primary focus of this new release is to improve logging and monitoring capabilities for our security-conscious enterprise clients, we managed to squeeze in a couple fresh features as well. The end result is clear — higher uptime and greater security for anyone looking to run their important Windows applications 24/7.

So, without further ado, let’s dive in and review the highlights of AlwaysUp 17.

AlwaysUp will automatically restart your script if it hangs

While the vast majority of folks use AlwaysUp to run exe files, a good portion run scripts. And instead of running 24/7 continuously, those batch files, Python and PowerShell scripts are designed to perform a specific job and exit when done. It’s a beautiful arrangement, because AlwaysUp simply fires them up again a few seconds or minutes later.

However, trouble takes hold when a script gets stuck and never completes its work. In that case, the job will remain stalled — and AlwaysUp will let it continue like that, indefinitely.

For customers in that frustrating situation, introducing a periodic sanity check is a great solution. The idea is that the sanity check would eventually notice that the script isn’t doing its work and restart it.

But it can be difficult to find the right sanity check for each situation. If your script doesn’t write a log file, consume too much resources or map a drive letter, what should you install to detect the misbehavior? It’s a challenge.

AlwaysUp version 17 introduces a new option — a simple watchdog timeout.

For example, suppose you have a batch file that typically takes about 30 seconds to do its work. To protect yourself against the script getting stuck and hanging until someone notices, you can instruct AlwaysUp to terminate and restart the batch file if it runs for longer than 5 minutes. That safety net will tolerate a long-running script (say, if it has lots of work to do) but provides a solid backstop that ensures the batch file will never flounder for too long.

The new feature is available on the Monitor tab, where it’s very easy to set:

Protect your script from running too long

Be sure to take advantage of it if you’re running a script that occasionally gets its knickers in a twist!

Full support for group Managed Service Accounts (gMSA)

Group Managed Service Accounts (gMSAs) have become very popular with Windows administrators. With automatic password management, support for clustered services and built-in security features, what’s not to like?

Recent versions of AlwaysUp are compatible with gMSAs but version 17 takes support up a notch. For example, AlwaysUp no longer prompts for a password when you enter a gMSA on the Logon tab:

No password is needed for a gMSA

There are several internal improvements as well, to ensure smooth operation as AlwaysUp runs your application in the gMSA.

Extensive reporting to the Windows Event Logs

The experts agree: Logging is a foundational pillar of any effective information security system. Indeed, without the systematic, automated recording of system events, it’s nearly impossible to investigate potential threats and problems. You’re flying blind.

Our team is well versed in bedrock ISO 27001 principles so we understand the importance of logging. And in AlwaysUp 17, we rewrote key components to report all sensitive operations to the standard Windows Event Logs. From there, enterprise administrators can pipe those events into Splunk, SolarWinds Security Event Manager, Graylog or any other SIEM compatible with the Windows operating system.

Here’s a quick rundown of the major changes in this area:

  • When writing to the Windows Application Event Log, AlwaysUp now sets a semi-unique Event ID value to classify the event. You can use that ID to trigger alerts downstream, as the data makes it to your SIEM.

    The Event Log Messages page documents the identifiers associated with each record reported by AlwaysUp.

  • AlwaysUp sets the Task Category to “AlwaysUp Events” for every record it creates. Doing so makes it easy for you to identify and group all activity from AlwaysUp — across all applications installed as Windows Services.

    Task Category groups all AlwaysUp events in Event Viewer

  • To improve oversight and accountability, AlwaysUp now reports important application/configuration updates to the event logs. For example, here is event 108 telling us that Administrator modified the Dropbox Windows Service:

    AlwaysUp logs updates, and who made them

  • In version 17, there’s now a “User” column in the Activity Pane. It tracks who performed each activity.

    The Activity Detail window displays the name of the user as well:

    AlwaysUp shows all user activity

    Of course, all that information is stored in the Windows Event Logs.

Autologon refinements

Several customers rely on automatic logon to run their applications in an interactive user session. Because of that, we continue to make sure that AlwaysUp works well with autologon — safely and smoothly.

Version 17 brings one improvement in the area of feedback. If you happen to log in before autologon completes, your application will show a waiting icon that tells you what’s going on:

AlwaysUp waiting for automatic logon to complete

Behind the scenes, there are a couple of code changes that bolster security.

First, AlwaysUp now removes any leftover plain-text passwords it finds in the registry, opting for encrypted representations instead.

Second, if you disable automatic logon from AlwaysUp, the encrypted password is removed from the secure secrets repository. Even though the password remains obfuscated, there’s simply no good reason to leave it behind.

Other fixes & improvements

  • Customers running Python scripts as a Windows Service will notice that AlwaysUp 17 automatically closes Python scripts more gracefully now. There shouldn’t be any warnings about terminating python.exe.

    Tip: If you find that your script is still being abruptly killed, be sure to update your code to catch the KeyboardInterrupt exception and exit when it’s triggered.

  • Unfortunately, new versions of OneDrive continue to experience trouble running in Session 0. And we remain flummoxed and frustrated with the folks in Redmond.

    Until there’s a solution, we updated the Application Advisor to warn users setting up OneDrive as a Windows Service that automatic logon may be required:

    OneDrive Session 0 alert

  • The Google Drive for desktop application now uses Microsoft’s WebView2 component, which is allergic to running as an administrator. We added a warning to that effect when installing Google Drive as a Windows Service:

    Google Drive admin account alert

  • To run more smoothly on Windows Secure Host Baseline (SHB) and other locked down versions of Windows, our developers rearchitected internal components to avoid conflicts related to Data Execution Prevention (DEP) and similar process mitigation technologies. But as much as we want to geek out, it’s far too technical (and boring) to go into the details now. We’ll stop here.

  • Finally, AlwaysUp now supports online registration. You can assign your license directly from the software; all you need is your order reference:

    You can assign your license online

    • Some folks may find it more convenient than the traditional “offline” method.

As usual, please review the release notes for the full list of features, fixes and improvements included in AlwaysUp version 17.

Upgrading to AlwaysUp 17

If you bought AlwaysUp version 16 (on or after February 7 2025), you can upgrade to version 17 for free. Simply download and install “over the top” to preserve your existing applications and all settings. Your registration code will continue to work as well.

If you bought AlwaysUp version 15 or earlier (before February 7 2025), you’ll have to purchase a discounted upgrade to use version 17. Please purchase upgrades here — you’ll save 30% off the regular price.

Please see the complete upgrade policy for additional details.

Thanks for reading!

You may also like...

How Dropbox Auto-Upgrade Works

How Dropbox Auto-Upgrade Works (and How to get AlwaysUp to Play Nice with it)

Q&A: How do I allow Non-Admins to Start/Stop/Restart my AlwaysUp Windows Services?

Q&A: How do I allow Non-Admins to Start/Stop/Restart my AlwaysUp Windows Services?

How to Turn Off Files On-Demand in OneDrive

How to Turn Off Files On-Demand in OneDrive

Posted in AlwaysUp | Tagged , , , , , , , , , , , , | Leave a comment

Q&A: Do You Comply With The EU Cyber Resilience Act (CRA)?

Posted on January 12, 2026
Do You Comply with the EU Cyber Resilience Act (CRA)?
  I work for a large technology company based in Germany. Last year, we bought an Unlimited OEM License for AlwaysUp and integrated it into our industrial automation delivery chain.

As an important supplier, we want to ensure that your company takes a holistic approach to Cybersecurity. And in particular, we’d like to know if you’ll be implementing the new EU Cyber Resilience Act (CRA). Please provide a short statement.

If your product will comply, we can rely on that. If you cannot confirm conformity (mostly in case delivery is done outside the EU market), we may have to analyze further effects on our side and raise additional requests/requirements.

— Michael S.

Hi Michael, thanks for reaching out.

Even though we’re based in the USA, our team has been tracking this new EU regulation ever since it started taking shape in 2023. It soon became clear that the CRA would impact us since we have many customers deploying our software in the EU.

But let’s start at the beginning.

What is the Cyber Resilience Act (CRA)?

The EU Cyber Resilience Act enhances cybersecurity standards for hardware and software products by requiring manufacturers and retailers to infuse cybersecurity throughout the lifecycle of their products. It came into force in November 2024 and organizations in the European Union have until December 2027 to achieve full compliance.

Our company isn’t located in the EU and we don’t make any hardware products. But we do create software used by EU companies. As such, we must help our EU customers adhere to the CRA.

Fortunately the CRA aligns with other global standards — like ISO 27001:2022 — which we already embrace. So let’s review what we have in place today.

We’re serious about security

To understand we do today, please review this article detailing how we keep our software (and company) safe and secure. There, you’ll see that we’ve infused information security best practices throughout our processes and practices.

But even though there’s overlap with the CRA and other time-tested standards, the new regulation brings its own perspectives. It deserves dedicated examination. Therefore, from our viewpoint as a US-based software producer, we’ll review 10 major requirements of the CRA and briefly describe how we support you and other EU organizations in each area.

CRA Requirement #1: No exploitable vulnerabilities

Don’t ship software with serious flaws

How we help you to comply

It’s very important to check for malware at every stage of the software production pipeline. And, most importantly, the final product must be pristine. That’s why we engage third-party services to verify that nothing strange has crept into our software.

For example, before release, we run all our applications through Virustotal — a well-respected online virus-scanning engine owned by Google. We halt the release if any critical or high vulnerabilities are detected.

Service Protector Virustotal Summary

The bottom line: The software we provide to customers is free of major known vulnerabilities at the time it’s shipped.

CRA Requirement #2: A secure default configuration

Make software as secure as possible out-of-the-box

How we help you to comply

Both AlwaysUp and Service Protector:

  1. Must be installed by an administrator

  2. Are installed to a protected folder in “C:\Program Files (x86)” by default

  3. Must be run by an administrator

There’s no way around those important, default safeguards.

Furthermore, there are no “default passwords” of any kind.

CRA Requirement #3: Regular security updates

Establish a method of resolving vulnerabilities discovered after the software was installed

How we help you to comply

It’s company policy to issue a patch for critical and high vulnerabilities within 30 days of their discovery. Medium and Low vulnerabilities are addressed as part of regularly scheduled quarterly or annual releases.

However, as purveyors of software that must operate 24/7/365, we do not support unattended, automatic updates because they’re too dangerous. We leave it to customers to deploy updates manually — after sufficient testing and at a time of their choosing. We keep customers informed of security issues by posting security bulletins on our active blog.

CRA Requirement #4: Protection from unauthorized access

Ensure that the software is accessible only to those who are allowed to use it

How we help you to comply

AlwaysUp and Service Protector are restricted to administrators only. A standard user without admin rights cannot start either of the programs on his own.

If a standard user attempts to start AlwaysUp, Windows prompts for admin credentials:

Windows prompts for admin credentials when starting AlwaysUp

That important safeguard prevents untrusted (or untrained) individuals from updating your critical applications and services.

Furthermore, after you install your program as a service with AlwaysUp, you have the power to enforce who can start, stop, restart or edit the service.

That capability is available by selecting Advanced > Service Security Settings from the Application menu:

Open service security settings

From there, it’s easy for you to specify what each user can do. For example, here’s how we allow Hazel Jones to start or stop the service, but not to modify or delete it:

Allow Hazel to start or stop the service only

CRA Requirement #5: Data confidentiality

Maintain the confidentiality of all data processed

How we help you to comply

None of our products collect personal data.

And when our applications communicate with our servers — for example when checking for updates or assigning a license — all data is encrypted in transit over HTTPS.

CRA Requirement #6: Data integrity

Protect data collected from manipulation or modification

How we help you to comply

By design, we intentionally limit the data stored by our applications. That’s because our strong preference is to delegate all data persistence to the Windows operating system.

For example, when you set up an application with AlwaysUp:

  • Your configuration/settings are saved in the standard registry entries related to the Windows Services created

  • Any account passwords you supply are saved and protected by Windows itself (the same way it handles other passwords)

That is, there is no separate repository of data managed by AlwaysUp. And we rely on Windows to protect any settings we collect from manipulation or modification.

CRA Requirement #7: Minimize data collection

Don’t collect and process data unless it’s absolutely necessary

How we help you to comply

As mentioned before, we intentionally limit the data collected and stored by our applications. And none of our products collect personal data.

That’s by design. We simply don’t want the responsibilities, requirements and headaches that come with collecting unnecessary information!

CRA Requirement #8: Protect essential functions

Employ methods to survive cyber attacks and other onslaughts

How we help you to comply

AlwaysUp and Service Protector are all about protecting essential functions. It’s not a stretch to say that simply using our products demonstrates your commitment to surviving crashes, human error, and other exceptions — just as the CRA demands.

Our software can also help you protect your systems from cyber attacks. For example, you can have AlwaysUp run your security monitoring components 24/7. And in that scenario, even if a hacker kills your application, AlwaysUp will be there to restart protection in a few seconds.

CRA Requirement #9: Limit attack surfaces

Minimize interfaces and other points of vulnerability when designing and implementing software

How we help you to comply

Security always has a front row seat whenever we design and build software.

For example, with AlwaysUp:

  • There are no open/listening TCP/IP ports

  • All communication is encrypted in transit

  • Program settings (including passwords) are stored by the operating system and accessed via Windows API functions

  • Only administrators can run the program

CRA Requirement #10: Logging & monitoring

Implement event logging and reporting

How we help you to comply

Both AlwaysUp and Service Protector write detailed, timestamped messages to the Windows Event Logs. If you’re curious, this page documents the information, errors and warnings reported by AlwaysUp.

Specifically, AlwaysUp writes entries to the Application event log. You can browse those records using the Event Viewer:

Event Viewer shows the AlwaysUp logs

It’s important to realize that because our products support standard Windows logging methods, customers can easily feed those records into a SIEM or other central repository. As such, our logging and reporting is readily compatible with professional, enterprise systems.

Hopefully this article demonstrates our commitment to the principles behind the Cyber Resilience Act. Needless to say, we’ll continue to monitor the emerging regulation and react to any amendments introduced before 2027.

Stay safe!

You may also like...

AlwaysUp Feature Spotlight: Run your App Without Admin Rights

AlwaysUp Feature Spotlight: Run your App Without Admin Rights

Q & A: How do I Restart my Application/Service Regularly from AlwaysUp?

Q & A: How do I Restart my Application/Service Regularly from AlwaysUp?

Q&A: How do I Avoid Errors when Stopping my Plex Windows Service?

Q&A: How do I Avoid Errors when Stopping my Plex Windows Service?

Posted in Company | Tagged , , , , , | Leave a comment

How AlwaysUp Supports Your ISO 27001 ISMS

Posted on December 8, 2025 (Revised December 21, 2025)
How AlwaysUp Supports Your ISO 27001 ISMS

ISO 27001 is an internationally recognized information security standard. It focuses on three core principles — confidentiality, integrity and availability (CIA) — and provides detailed guidance to help you keep your company’s information assets safe from bad actors, data breaches, extended downtime and much more.

AlwaysUp is our professional software that runs any application as a Windows Service. Today, many of the Fortune 500 companies rely on AlwaysUp to keep their key software running 24/7. And because every single one of those companies obsesses about information security, we do too. Indeed, we design and build all our software atop CIA principles.

Does your company operate an information security management system (ISMS) based on ISO 27001? If so, here are a five important Annex A controls that AlwaysUp will help you implement.

Annex A 5.15: Access Control

ISO 27001 Annex A 5.15 focuses on controlling access to information assets. Its objective is to ensure that employees only have access to the information they need to perform their duties. In other words, Annex A 5.15 is all about enforcing the principle of least privilege.

How AlwaysUp helps you control access

#1: Only admins can run AlwaysUp

AlwaysUp is restricted to administrators only. A standard user without admin rights cannot start the program on his own.

If a standard user attempts to start AlwaysUp, Windows prompts for admin credentials:

Windows prompts for admin credentials when starting AlwaysUp

That important safeguard prevents untrusted (or untrained) individuals from updating your critical applications.

#2: You can restrict access to your AlwaysUp Windows Services

After you install your program as a service with AlwaysUp, you have the power to enforce who can start, stop, restart or edit the service.

That capability is available by selecting Advanced > Service Security Settings from the Application menu:

Open service security settings

From there, it’s easy for you to specify what each user can do. For example, here’s how we allow Hazel Jones to start or stop the service, but not to modify or delete it:

Allow Hazel to start or stop the service only

#3: You can run your applications without admin rights

By default, Windows Services operate with full rights. There’s no User Account Control (UAC) in place, where an administrator can run an application without elevated rights. And that can violate the principle of least privilege.

AlwaysUp fixes that shortcoming. With AlwaysUp, you’re able to launch your application in the context of a full blown administrator yet have those powerful admin rights removed when your application runs. That’s a sure fire way to limit what your application is able to do — and protect your systems.

The option to run your application with reduced rights is available on the Logon tab:

Run your application without admin rights

Annex A 5.30: Readiness for Business Continuity

Annex A 5.30 is an organizational control focusing on business resilience. It aims to prepare you to survive the inevitable operational bumps in the road as you serve your customers.

AlwaysUp is designed to be a core component of your resilience plan. By quickly detecting failures and automatically restarting your mission-critical software, AlwaysUp reduces interruptions and downtime. And that’s great for your Recovery Time Objective (RTO).

AlwaysUp automatically restarts the Java Appointment Server

Annex A 8.9: Configuration Management

Annex A 8.9 emphasizes the need for standardized configurations in IT operations.

As ISO 27001 points out, relying on tested, predefined settings instead of having staff constantly “reinventing the wheel” is a guaranteed way to reduce risk, improve reliability and increase oversight.

How AlwaysUp helps with configuration management

#1: We’ve created guides for hundreds of applications

Did you know that our team has tested and documented how to set up over 160 popular programs with AlwaysUp? If you’re running one of those apps as a Windows Service, all you’ve got to do is follow our step-by-step instructions. There’s no need for you to re-engineer on your own.

Dropbox OneDrive Google Drive for desktop Emby Server InfluxDB Java Kibana Node.js PHP Plex Media Server Python

#2: You can easily export and import standard configurations

Once you’ve settled on a configuration that works for your application, you can export it to a file. And to re-create that application on a different computer, all you’ve got to do is import the file there.

AlwaysUp importing standard configuration files

With that approach, your team will deploy the same, standard AlwaysUp configurations every time — exactly what Annex A 8.9 encourages.

Annex A 8.15: Logging

ISO 27001 stresses the importance of logging in robust, resilient systems. As such, the standard includes Annex A 8.15 to drive the point home.

AlwaysUp is aligned with the recommendations of Annex A 8.15. As it runs your programs as services, AlwaysUp writes key information to the Windows Event Logs — the standard, centralized location where applications report important software and hardware events.

Specifically, AlwaysUp writes entries to the Application event log. You can browse those records using the Event Viewer:

Event Viewer shows the AlwaysUp logs

The bottom line is that you can rely on detailed logging from AlwaysUp when investigating incidents and providing root cause analysis to your management team.

Annex A 8.16: Monitoring Activities

As described in ISO 27001 Annex A 8.16, organizations should proactively and reactively monitor IT and security operations to prevent incidents, detect anomalies, and ensure compliance.

AlwaysUp fulfills those obligations by closely monitoring your business-critical applications and shouting whenever they misbehave.

For example, AlwaysUp can detect when your application consumes too much memory, CPU or resource handles. And email from AlwaysUp will quickly alert you of the trouble, as it did here when the “Appointment Server” stopped responding to network requests:

AlwaysUp sent an email when the network sanity check failed

With those details in hand, you’ll be well positioned to investigate and determine if the situation requires your attention. For instance, is your application demanding too much CPU because it’s overloaded? Or is your network the victim of a denial-of-service attack?

In any case, AlwaysUp’s monitoring and early warning systems allow you to quickly intervene and prevent incidents before they occur. And that strengthens your security posture.

So that’s a quick look at how AlwaysUp aligns with your security best practices. Rest assured that our company will continue to follow bedrock ISO 27001 principles as we improve our software.

Finally, best of luck with your information security program! Please be sure to get in touch if you need any help with documentation or implementation.

You may also like...

Q & A: What Setting will Help AlwaysUp Start my App at Boot?

Q & A: What Setting will Help AlwaysUp Start my App at Boot?

Q&A: How do I allow Non-Admins to Start/Stop/Restart my AlwaysUp Windows Services?

Q&A: How do I allow Non-Admins to Start/Stop/Restart my AlwaysUp Windows Services?

Q&A: With AlwaysUp, Where Do My Application's Debug Messages Go?

Q&A: With AlwaysUp, Where Do My Application's Debug Messages Go?

Posted in AlwaysUp | Tagged , , , , , | Leave a comment

Q&A: Why Isn’t Automatic Login Working?

Posted on November 24, 2025
Why isn't Automatic Logon Working?

  As a workaround for recent problems running OneDrive in Session 0, we configured AlwaysUp to automatically log in and start OneDrive in the new session. I followed your instructions but it’s not working because, as far as I can see, Windows isn’t logging in automatically. What could be going wrong with auto login and how can I fix it?

— Amy

Hi Amy, thanks for reaching out.

We’re not surprised that you’ve run into trouble. For some reason, automatic login (“autologin”) remains a poorly documented feature of Windows. It’s available, but Microsoft doesn’t make it particularly easy to use.

In any case, let’s review the five most likely places where things could be going off the rails with autologin.

Problem #1: Automatic login isn’t set up properly

Autologin only works if you’ve provided a known user name and its associated password. Are you positive that you entered the correct password? If you haven’t, automatic login will silently fail.

How to fix it

Download Microsoft’s free, standalone Autologon utility and use it to set up automatic login.

It’s super easy to use. Enter the user name, domain (if applicable) and password and Autologon will save them all in the Windows registry:

Set up automatic login with Microsoft's Autologon tool

And when you click the Enable button, Autologon will verify your credentials and alert you if you put in a bad password:

Autologon confirms that the credentials you entered work

That check will eliminate some head scratching later on if you’re prone to fat-finger situations. 🙂

Note that Autologon encrypts your password in the registry. But even though that’s a good line of defense, the password may remain vulnerable to determined administrators. For more on that, please review this post discussing security issues related to automatic login.

Problem #2: Your password changed

When you set up automatic login, your user name, domain and password are all saved in the registry. If you subsequently change your password, autologin will fail because Windows keeps using your old password.

How to fix it

Simply re-run the Autologon utility and enter your new password. Autologon will save your updated password, encrypted.

Problem #3: A local or group policy is preventing automatic log on

Even though you may have set up automatic login using Autologon or another method, your intentions may be at odds with the administrator who manages your machine. In fact, that’s extremely likely if your computer is part of a corporate Windows domain.

You see, Windows enforces your company’s policies and practices through group policies — centrally-managed restrictions that apply to all company computers. And those all-powerful policies can curtail almost any feature, including autologin.

How to fix it

If you think that your local settings are being countermanded by a group policy, it’s best to raise the issue with your system/domain administrator. They can make the necessary changes to permit auto-login — but only if they agree with what you’re trying to do. Be prepared to discuss security.

Here are some resources that may be helpful as you’re working with your administrator:

Problem #4: A Logon Banner is blocking autologin

Do you have to acknowledge a legal notice or disclaimer when you sign into your computer? It may look like this:

A Windows Logon Banner

That interactive Logon Banner — which requires you to click a button whenever you sign in — will definitely hold up automatic login.

In fact, Microsoft says exactly that on this page:

 This registry change does not work if the Logon Banner value is defined on the server either by a Group Policy object (GPO) or by a local policy. When the policy is changed so that it does not affect the computer, the autologon feature works as expected.

Therefore, you (or your administrator) must update the group policy to disable the Logon Banner on your computer for automatic login to succeed.

Problem #5: AlwaysUp isn’t starting your application after autologin

It doesn’t seem this way from what you describe, but is it possible that automatic login succeeds and AlwaysUp fails to launch OneDrive in the newly-created session? That may be happening for a couple of reasons.

Reason number one is that you’re not giving Windows enough time to start AlwaysUp. For instance, if you’ve instructed AlwaysUp to start your application Automatically but shortly after the computer boots, it may take up to 5 minutes for your application to start running. If you log in too soon, you may get the impression that “nothing’s working.”

And beyond a slow start, it’s quite possible that AlwaysUp is running into a problem finding the new login session or cannot launch your program on the desktop. If any of those oddities occur, AlwaysUp will note the problem in the Windows Event Logs. Select Application > Report Activity > Past Week to generate a full report in your web browser:

Report OneDrive activity for the past week

How to fix it

First, please be patient. Automatic login may take longer than you think.

Second, review the AlwaysUp activity report for clues and take action on what you find. This page documents common errors and warnings. Please be sure to get in touch with our technical support team if you need help.

Good luck!

You may also like...

Q & A: Can my CAE/Visio Application Run Properly as a Windows Service?

Q & A: Can my CAE/Visio Application Run Properly as a Windows Service?

Watch out for Dropbox Prompts when Running as a Service!

Watch out for Dropbox Prompts when Running as a Service!

AlwaysUp Feature Spotlight: Automatically Reconnect Network Drives

AlwaysUp Feature Spotlight: Automatically Reconnect Network Drives

Posted in AlwaysUp | Tagged , , , | Leave a comment
 

Products

Topics/Tags

onedrive alwaysup-web-service interactive-services dropbox event-viewer feature-spotlight session-0-isolation task-scheduler net.exe essential-tools troubleshooter sanity-check windows-10 services.msc essential-windows-services service-protector google-drive service-security-editor windows-8 support windows-server-2012 powershell java new-release windows-services security automatic-delayed windows-service-auditor q&a alwaysup

Categories

Archives

Search This Blog


Home  | Products  | Support  | Company  | Privacy Policy  | Site Map
Run Application as Windows Service  | Auto-restart Windows Services  | Srvany vs. AlwaysUp  | AlwaysUp FAQ
How to Run Popular Applications as Windows Services  | Windows Services FAQ

Copyright © 2004-2026 Core Technologies Consulting, LLC
7028-B Thornhill Drive, Oakland CA 94611, USA
Phone: +1 (510) 343-3565  |  FAX: +1 (208) 979-1109