So, as newer versions of Windows become mainstream, it’s always a good idea to think about what you might have to do to adapt old habits to new circumstances.
A popular option during an engagement to establish persistence on a host is to simply create a privileged account to work from. However, Windows 10 puts accounts on the lock screen by default, which for obvious reasons should be avoided.
I found an article today that actually talks about how to disable this behavior per-account, which is sweet!
The relevant registry key is
To which you’ll be adding the new Keys
And then your persistence user as a DWORD with a value of ‘0’
Voila, hidden account!