Why is this a problem?

The remote desktop client, mstsc.exe, believes it is being helpful to you by showing the most recently used username in the login dialog.  For most normal users this would be true, but for AuthLite users it is annoying because the previously used OTP is not ever going to work.  The normal solution is to click "Other user" and enter a new OTP and password.

There is not any setting or key you can change that will make the RD client stop trying to do this behavior, but there is an ugly workaround.

OK, how do we stop it?

I apologize in advance for the crudity of this method, but: go into the registry setting where mstsc stores its hints, and change the permission so it cannot write to the key.  In more detail, under the key

HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers\

There will be a value called UsernameHint.  This stores what the client will display next time you try to connect to the server at "".  Change the value from the old form


to simply:


After doing this, go into the Security tab of the server's key and DENY your own user the right to set values in the key.  See the following image:

After applying this setting, the logon window for this connection will always show a blank username field with the correct domain defaulted. 

If you want the benefit of having the domain pre-populated, then you have to make this change for every server sub-key.

If you are OK with entering the domain name every time, you can deny access on the "Servers" key itself, and it will apply for every connection to every server then.