How to Set Up or Remove a Kiosk Account with Assigned Access in Windows 10 & 11

  • Last updated
how to remove a kiosk account with Assigned access in windows blog banner image
  • Last updated

What is a Kiosk account in Windows 10 and Windows 11?

Kiosk mode refers to configuring a device for public use by locking it to a single application, usually for use in a public environment.

Windows 10 and Windows 11 implement this using the Assigned Access feature available in Windows Pro, Enterprise, and Education versions (unfortunately users of Home editions are left out). Assigned Access works by limiting one or more user accounts to accessing only a specified universal Windows platform (UWP) app. This can be an app you have custom-developed (for example, a map or employee directory app for your business), a web browser that is restricted to your organization’s website, or even a video player or image slideshow showcasing your products and services.

This app launches automatically in full-screen mode and cannot be minimized or closed — only the specified kiosk app can be interacted with. This does several things, including denying access to the start menu, desktop, task manager, and file explorer. The screen will also not automatically lock when using assigned access/kiosk mode.

You can also configure digital kiosk functionality for your Apple iPadOS or iOS and Android devices.

Benefits of using Assigned Access for Kiosk mode

Beyond promotional business use cases, Kiosk mode and Assigned Access are often used in a number of scenarios to create public terminals, such as:

  • Locking down Windows 10 and Windows 11 devices deployed to public spaces, for example, in libraries so that users can search for and check out books
  • In education environments to prevent students from accessing unauthorized apps
  • In enterprise environments where devices are shared, electronic point-of-sales terminals, or for devices that control industrial machinery so that they are not used for any other purpose

Assigned Access simplifies the operation of Windows devices in these scenarios by enabling faster access to only the required features, ensuring that the device can only be used for its intended task, and preventing unauthorized access to other applications.

Prerequisites for setting up or removing a Kiosk account

Assigned Access is only available in Windows 10 and Windows 11 Pro, Enterprise, and Education editions. You will also need to be logged in as an administrator to manage user accounts on the device.

When choosing hardware for a public terminal, you should consider the use case: larger screens may be preferable in many situations, and if users are expected to interact with your Windows Kiosk, a touch screen removes the need for a physical keyboard and mouse that may be broken, vandalized, or stolen. Physical security should also be considered, including the use of Kensington locks or secure cases that prevent access to the device’s ports and prevent them from being physically moved.

Before you deploy your Windows kiosk to a public setting, you should update your device to ensure it has the latest security updates.

How to setup a Kiosk account using Assigned Access in Windows 10 and Windows 11

The steps for creating or removing a Kiosk account differ slightly between Windows 10 and Windows 11.

Setting up a Kiosk using Windows 10

To set up a Kiosk account in Windows 10, follow these steps:

  • Right-click on the Start menu and open the Settings app
  • Click Accounts

Click Accounts in the Settings dialog box

  • Select Family & other users in the sidebar
  • Under Set up a kiosk, click on Assigned Access and then click Get Started

Click assigned access in the Family and other users option
Set up kiosk dialog box

  • Enter a name for the new Kiosk user account (defaults to Kiosk)

Enter a name for the new Kiosk user account

  • Choose the single kiosk app that the account will be restricted to accessing

Choose a kiosk app dialog box

  • If selecting the Microsoft Edge web browser, you can choose to configure it as a public browser, limiting its functionality to prevent misuse, restricting it to a certain website, and resetting the browser after a period of inactivity

Configure your kiosk as a public broswer

  • You will then be able to configure the website URL to access along with other options depending on the chosen app

"You've finished" dialog box

You can navigate back to the same location in the Settings app at a later time to adjust the settings for your Kiosk.

Setting up a Kiosk using Windows 11

To set up a Kiosk account in Windows 11, follow these steps:

  • Right-click on the Start menu and select Settings
  • Click Accounts in the sidebar
  • Scroll down to and select Other Users

Other users options in the Settings dialog box

  • Click the Get started button that appears next to Set up a kiosk
  • Enter a name for the kiosk account that will be configured for single app access (defaults to Kiosk)

Create an account name for your kiosk account

  • Choose the single app that will be available from the kiosk account

Choose the single app for your kiosk account

  • If you select the Microsoft Edge web browser, you can optionally configure it as a public browser, limiting its functionality to prevent misuse, restricting it to a certain website, and resetting the browser after a period of inactivity

Configure your kiosk account as a public browser

  • You will then be able to configure the website URL the Kiosk user account can access, or other options depending on the chosen app

Configure the website URL the kiosk user account can access

  • Press Close to complete the process and create the single-app account

Press close and create the single-app account

You can then navigate back to Settings > Other Users > Kiosk at any time to change the settings for your Kiosk.

Exiting Assigned Access/Kiosk mode in Windows

After logging into a kiosk account, you must press Ctrl + Alt + Delete to log out, allowing you to log in as an administrator for system maintenance or to remove the kiosk account.

Step-by-step instructions: How to Remove a Kiosk account

Windows 10

To remove a Kiosk account in Windows 10, follow these steps:

  • Navigate to Accounts > Family & Other users in the Settings app
  • Click on Assigned Access under Set up a kiosk
  • Select the username for the kiosk account (default is Kiosk)
  • Click the Remove kiosk button

Click the Remove kiosk button

Remove kiosk

Windows 11

To remove a Kiosk account in Windows 11, follow these steps:

  • Open the Settings app and navigate to Settings > Other Users > Kiosk
  • Click on the Kiosk account name listed under Set up a Kiosk (default account name is Kiosk)
  • Expand the section under Kiosk info and click the Remove kiosk button

Click the Remove kiosk button

Windows Assigned Access troubleshooting and tips

There are a few tips to keep in mind when configuring and troubleshooting Assigned Access in Windows 10 and Windows 11 and while deploying public kiosk terminals:

  • Only UWP apps are supported
  • You can assign a different UWP app to different accounts with Assigned Access
  • For information booths and product demonstrations, UWP apps can have all the data they require built-in, removing the need for the kiosk to be connected to a network
  • You should sign in to your Kiosk account after setting it up to ensure it behaves as intended and that users cannot access anything they shouldn’t
  • Depending on where your device will be deployed, you may want to configure it to automatically sign in for convenience

You may also want to disable some additional Windows features to further limit what users can do with your Kiosk:

  • Disable accessibility features (such as the magnifier) from Ease of Access in the Control Panel
  • Disable the physical buttons and ports on your device in either Windows or the BIOS
  • Disable notifications and additional information on the lock screen
  • Disable removable media, webcams, and other unnecessary peripheral devices

Creating secure Kiosks for enterprise and education

Kiosk mode setup is a common task for Windows 10 and Windows 11 system administrators in education and enterprise environments. Setting up public web kiosk terminals presents unique security and maintenance challenges: devices must be physically secure, as well as carefully configured and monitored to ensure that they are operational, not being misused, and that they do not become a cybersecurity attack vector.

Configuration tasks such as managing kiosk users using Assigned Access, configuring firewall and security software, disabling cameras and external storage, and troubleshooting user issues require additional tools to be done efficiently and effectively.

MDM kiosk management by NinjaOne lets you manage your public-facing Windows 10 and 11 (as well as Android and iOS) devices, including internet kiosks, through a unified web interface that lets you manage and monitor the security and functionality of devices. Deploy private apps, monitor for misuse, and resolve issues remotely wherever your devices are located. In the event that a device is compromised or stolen, you can immediately lock it down to prevent its further use.

Next Steps

Building an efficient and effective IT team requires a centralized solution that acts as your core service deliver tool. NinjaOne enables IT teams to monitor, manage, secure, and support all their devices, wherever they are, without the need for complex on-premises infrastructure.

Learn more about Ninja Endpoint Management, check out a live tour, or start your free trial of the NinjaOne platform.

Start your Free Trial

You might also like

How to Add and Remove a Network location in Windows blog banner image

How to Add and Remove a Network Location in Windows 10

How to Change Permissions in Windows 10 blog banner image

How to Change Permissions in Windows 10: Files, Folders, and More

How to Convert Windows 11 ISO From Legacy BIOS to UEFI blog banner image

IT Guide: How to Convert Windows 11 ISO From Legacy BIOS to UEFI

How to Clear Windows Update History in Windows 10 and 11 blog banner image

How to Clear Windows Update History in Windows 10 and Windows 11

How to allow or prevent users from changing their password in Windows blog banner image

How to Allow or Prevent Users from Changing Their Password in Windows 10 & 11

How to See Devices That Can Wake Your Computer blog banner image

How to See Devices that can Wake Your Computer in Windows 10

Ready to simplify the hardest parts of IT?
Start a Free Trial
Get a demo
×

See NinjaOne in action!

By submitting this form, I accept NinjaOne's privacy policy.

NinjaOne Terms & Conditions

By clicking the “I Accept” button below, you indicate your acceptance of the following legal terms as well as our Terms of Use:

  • Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms.
  • Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party.
  • Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library belonging to or under the control of any other software provider.
  • Warranty Disclaimer: The script is provided “as is” and “as available”, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations.
  • Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks.
  • Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script.
  • EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).
I Accept