By default, Windows 10 lists all user accounts on the Welcome screen which exposes all usernames, and it is not considered secure. Why it is not secure this way? Because malicious user can create a fake login screen looks like the Windows login screen, and then capture user’s credentials when a legitimate user tries to log in using the fake login screen. You can prevent this from happening by enabling a secure feature in Windows to require user to press Ctrl+Alt+Delete key combination before login, and this key combination will bring up the legitimate Windows login screen to protect user’s credentials. Windows 10 be default disabled this feature and also hid the interface where you can enable it, so you will need to run command to go to the graphic interface. How is how to do it:
1. Click the Windows key on your keyboard then type netplwiz, then right-click on the command and choose Run as administrator, as shown in the screenshot below:
2. Enter your administrator password when prompted, then click Advance tab and then check Require users to press Ctrl+Alt+Delete, then click OK to exit the window.
Now log out so it will become effective. Next time when you try to login, you will be prompted to press Ctrl+Alt+Delete key, then you will see the familiar Windows login screen. I hope the future Windows will have this feature enabled by default.
Hope this helps.
Reference: http://www.tenforums.com/tutorials/15697-secure-sign-ctrl-alt-delete-enable-disable-windows-10-a.html