Does Windows XP keep a log of the login and screen locking events? If so, how can I view it?
SnapOverflow
Does Windows XP keep a log of the login and screen locking events? If so, how can I view it?
Logon events are in the event viewer under Security. I don't think desktop locking is audited.
Whether these events ARE audited is another question. I don't recall the defaults. To ensure they are, Go to Control Panel, Administration Tools and run Local Policy Settings. In there under audit policies, there are two different login events listed. Enable success and failure for both.
Then in Computer Manager, right click the Security event log and expand its size to 8MB and set Overwrite as needed (unless you really MUST KNOW, then select do not overwrite). 8MB should give you enough overhead to ensure the events are there when you look.
(WARNING: do not enable successful 'audit object access'. This will generate an event for every file & registry key access and will likely bring it to a crawl.)
\\Greg
There may be some more hinst and tips in this question :
How to tell what time a domain user logged in?