Friday, September 23

TEMPORARILY LOCK DOWN YOUR PC ON UNAUTHORISED LOGIN ATTEMPTS


  • WINDOWS SECURITY SETTINGS TO TEMPORARILY LOCK OUT THE ACCOUNT FOR 30 MINUTES WHENEVER THE WRONG PASSWORD IS ENTERED 3 TIMES. THIS WILL PREVENT THEM FROM BEING ABLE TO REPEATEDLY GUESS YOUR PASSWORD, OR AT LEAST MAKE IT TAKE A LOT LONGER.
2 METHODS TO DO THIS -->

1. LOCAL SECURITY POLICY 
2. THROUGH COMMAND PROMPT
  • LOCAL SECURITY POLICY IS AVAILABLE ONLY FOR BUSINESS, PROFESSIONAL, ENTERPRISE & ULTIMATE VERSION OF WINDOWS 7.
  • STARTER, HOME BASIC & HOME PREMIUM CAN ONLY EDIT THIS THROUGH COMMAND PROMPT ONLY.
****************************************************
THROUGH LOCAL SECURITY POLICY
****************************************************
  • Goto RUN & Type --> "local". Above you can see "Local Security Policy". Open it.
  • There Goto, Account Policies --> Account Lockout Policy --> Account lockout threshold.
  • Double Click it. Enter the number of invalid logon attempts. Here i entered 3, so my account will automatically lock out if the password is entered incorrectly 3 times in a row.  Click Ok to save your settings.
  • Windows will prompt you to set suggested settings for "Accountlockoutduration" and the length of time to Reset "accountlockoutcounter". This will choose 30 minutes by default. You can select another time, or go with the defaults by clicking Ok.
  • With the new settings, your account will be locked for 30 minutes if the password is entered incorrectly 3 times in a row.

*********************************************
USING COMMAND PROMPT
*********************************************
  • Goto RUN & Type "cmd". Right Click & Open "CMD as Administrator".
  • Type in prompt --> "net accounts". This will list your current password policy, which by default should "Lockout threshold : Neverwhich means that your account will not lock you out if the password is entered incorrectly.
  • To change the setting and make your login automatically lock you out, enter the following, substituting the number at the end with the number of times you want to allow the password to be entered before the account is locked.  Make sure to set this as 1 or more.

net accounts /lockoutthreshold:3

  • Now, you need to set how long the account will be locked when the password is entered incorrectly.  Enter the following, again choosing any option over 1.  I set my computer to lock for 30 minutes, but you can choose less or more, depending on your needs.
net accounts /lockoutduration:30

net accounts /lockoutwindow:30



  • Now Again Open "net accounts" & see the changes you have made. If you entered the password incorrectly more than the number of times you set before, you’ll be prompted that the account is current locked.  You’ll need to wait the length of time you set before you can log in again.




****************************************************************************************************************************************************************************************************************************************









No comments:

Post a Comment