How does Windows decide what instructions to provide for unlocking the PC?

Raymond Chen

A customer reported that they had purchased a bunch of machines that purported to be identical, yet they showed different instructions on how to unlock the PC when the group policy is set that requires the secure attention sequence to log on. They wanted to know how Windows decides which message to show.

Okay, here’s how it works: The system goes through these scenarios in order, taking the first one that matches.

Has power button and volume-down buttonPower + Volume down. If a keyboard is attached, then also Ctrl+Alt+Del.
Has Windows key on bezelWindows + Power. If a keyboard is attached, then also Ctrl+Alt+Del.
Is a Tablet PCCtrl+Alt+Del or Windows Security button.

The system detects the power button by looking for HID usage page 1 (Generic: HID_USAGE_PAGE_GENERIC), usage 0x81 (System Control group, System Power Down: HID_USAGE_GENERIC_SYSCTL_POWER). The volume-down button is HID usage page 12 (Consumer: HID_USAGE_PAGE_CONSUMER), usage 0xEA (Audio group, Volume Decrement: HID_USAGE_CONSUMER_VOLUME_DECREMENT).

The Windows key on the bezel is detected by looking for it as a GPIO button. Here are some hardware details on how to set up the button. I hope that page makes sense to you, because I don’t understand it.

To help the customer figure out what the difference is between the systems, we recommended that they verify that the BIOS and drivers are the same version and are identically-configured. Because it’s the BIOS and drivers that have primary responsibility for reporting the chassis buttons.