Adding a strong password to your PC is the best way to ensure that unauthorized users can access it. However, if someone can gain access to your PC while you are not there, there is a chance that they could try to guess the password. To slow them down a bit you can have Windows temporarily lock when an incorrect password is entered. This will limit the number of times they can try out a password before you return to the PC.
What we’ll do is use Windows security settings to temporarily lock out the account for 30 minutes whenever the wrong password is entered 3 times. This will prevent them from being able to repeatedly guess your password, or at least make it take a lot longer.
Important Note: - This setting can also let somebody prank you by incorrectly entering the password 3 times and lock you out for 30 minutes. It would be wise to have another administrator account that can unlock the regular account. Either way, use caution with this setting.
What we’ll do is use Windows security settings to temporarily lock out the account for 30 minutes whenever the wrong password is entered 3 times. This will prevent them from being able to repeatedly guess your password, or at least make it take a lot longer.
Important Note: - This setting can also let somebody prank you by incorrectly entering the password 3 times and lock you out for 30 minutes. It would be wise to have another administrator account that can unlock the regular account. Either way, use caution with this setting.
To enable this feature through Local Security Policy, Proceed as Follows: -
Please Note: - Local Security Policy is only available on Business, Professional, Enterprise, and Ultimate versions of Windows 7 and Vista. If you’re using Starter, Home Basic, or Home Premium, you’ll need to use the Command Prompt method listed below.
1. To open Local Security Policy, simply enter it in the Start menu search box and select the correct entry.
2. Now, double-click Account Policies on the left and select Account Lockout Policy.
3. By default, your account should not automatically lock out when the password is entered incorrectly. To change this, double-click on the Account lockout threshold entry.
4. In this dialog, enter the number of times you want to allow before your account will lock out. We entered 3, so our account will automatically lock out if the password is entered incorrectly 3 times in a row. Click Ok to save your settings.
5. Windows will prompt you to set suggested settings for Account lockout duration and the length of time to Reset account lockout counter. This will choose 30 minutes by default; you can select another time, or go with the defaults by clicking Ok.
6. You’ll now see your new settings in the Local Security Policy dialog. With our settings, our account will be locked for 30 minutes if the password is entered incorrectly 3 times in a row. If you want to change the settings, simply repeat these steps and enter the new settings you want.
To enable this feature through Command Promt, Proceed as Follows: -
1. If you’re using a home edition of Windows, or prefer working in command prompt, you can change the password lock settings directly from command prompt. First, open an Administrative command prompt. To do this, right-click on the Command Prompt link in the Start menu and select Run as Administrator.
2. Now, in the command prompt, enter the following: -
net accounts
This will list your current password policy, which by default should Lockout threshold: Never which means that your account will not lock you out if the password is entered incorrectly.
3. Let’s change this to automatically lock us out when then password is entered incorrectly.
Please Note: - Before you proceed, make sure to complete the full directions, or you could permanently lock your accounts on a Home Premium computer.
To change the setting and make your login automatically lock you out, enter the following, substituting the number at the end with the number of times you want to allow the password to be entered before the account is locked. Make sure to set this as 1 or more.
net accounts /lockoutthreshold:3
Here we set the account to lock out after the password is entered incorrectly 3 times.
4. Now, you need to set how long the account will be locked when the password is entered incorrectly. Enter the following, again choosing any option over 1. We set our computer to lock for 30 minutes, but you can choose less or more, depending on your needs.
net accounts /lockoutduration:30
5. Then enter the following to choose how long to wait before the incorrect login count is reset. We recommend entering the same number you used for the lockout duration.
net accounts /lockoutwindow:30
Once you’re finished, you can enter net accounts again to review your settings. They should look something like the settings below, depending on what you chose.
While this may not make your computer fully secure, it does help keep people from casually snooping on your computer while it’s running. This will make it much harder for someone to guess your password, since they’ll be blocked out after entering it incorrectly several times.
Don’t forget that you can quickly lock your computer by pressing Win+L on your keyboard, which is a good idea if you want to keep your data safe when you’re away from your desk.
No comments:
Post a Comment