Win 9x/ME are single user only (multiple profiles can be activated, but the implementation is horrible), so there's no actual security bound to a user account.
The whole login thing is just to authenticate you to your list of stored network passwords (if any). If you hit cancel, there will be no automatic passwords available. If you enter a new user name (i.e. on that hasn't been used before), the system just adds the new password list for that user and that's it. I guess someone's just tried a new user name. If the password is empty, the user will be 'logged on' automatically the next time the system starts.
To reuse a user 'account' you don't know the password for, just erase his password list 'c:\windows\.pwl'.
