Story Behind the Ctrl+Alt+Del keys for login

  • CERT Admin
  • Thu Oct 22 2015
  • Cyber Guardian Blog


Have you ever seen Ctrl+Alt+Del, also known as the "three-finger salute" required at login on certain Windows systems before the password can be typed in? From a user experience point of view, it's a bad idea as it's adding an extra step in getting access. 

But do you know there is security behind it?

Let me describe how it helps users to secure their system. Actually this combination is called a secure attention key (SAK) or secure attention sequence (SAS). The operating system kernel, which works directly with the hardware, is able to identify whether the secure attention key has been pressed. When this event is identified, the kernel begins the trusted login processing. The secure attention key is designed to make suspicious login attempts impossible, as the kernel will suspend any program, including those masquerading as the computer's login criteria, before starting a trustworthy login operation. On systems that are configured to use an SAK, users must always be suspicious of login prompts that are shown on display without having pressed this key combination.

Secure Attention Key for windows is Ctrl+Alt+Del and for Linux is Ctrl+Alt+Pause

There is a history of this combination. The soft reboot function via keyboard was firstly designed by David Bradley. Bradley, as the chief engineer of the IBM PC project and engineer of the machine's ROM-BIOS, had originally used Ctrl+Alt+Esc, but thought it was too easy to bump the left side of the keyboard and reboot the computer suspiciously. Based on his own account, Hallerman, who was the chief programmer of the project, therefore introduced switching the key combination to Ctrl+Alt+Del as a safety concern, a combination is not possible to press using one hand on the original IBM PC keyboard. 

The method was originally conceived only as an Easter egg for internal use and not aim at to be used by end users, as it triggered the reboot without warning or further authorization—it was developed to be used by users creating programs or documentation, so that they could reboot their computers without shutdown. Bill Gates (former Microsoft CEO) described it as "just something we were using in development and it wouldn't be available elsewhere". The feature, anyhow, was documented in IBM's technical reference documentation to the original PC and thereby opened to the general public. 

Bradley is also known for his good-natured jab at Gates at the celebration of the 20th anniversary of IBM PC: "I may have invented it, but Bill made it famous"; he quickly added it was a reference to Windows NT logon procedures ("Press Ctrl + Alt + Delete to log on"). 

During a Q & A presentation on 21 September 2013, Gates introduced "it was a mistake", mentioning to the decision to use Ctrl+Alt+Del as the keyboard combination to log in to Windows. Gates stated he would have planned a single button to function the same tasks, but IBM did not let him to add the extra button into the keyboard. That is the story behind Ctrl+Alt+Del login.

Anuruddha Hewawasam

Anuruddha is an undergraduate of the University of Colombo School of Computing who is currently following Bachelor of Science in Computer Science, Currently he is working as Intern - Information Security Engineer at Sri Lanka CERT|CC

Last updated: Thu Oct 22 2015