Limiting the Number of Login Attempts

by Barry Dysert
(last updated August 18, 2017)

3

As a security measure, you may want to limit the number of login attempts that can be made on your system. This is so that someone trying to break into your system by continually trying random passwords will end up locking the account for a certain period of time.

Assuming you have administrative privileges, you can establish the parameters for the lockout. To do this, go to Search | Administrative Tools | Local Security Policy (in Windows 7) or click Start and type (without quotes) "local security" and press Enter (in Windows 10). (See Figure 1.)

Figure 1. Local Security Policy main screen.

On the left of the dialog box, expand the "Account Policies" node and then click on "Account Lockout Policy." (See Figure 2.)

Figure 2. Accessing the Account Lockout Policy parameters.

In the right pane, you'll see that there are three lockout-related parameters that you can adjust. (You adjust them by double-clicking the Policy name and specifying the desired value.) The Account Lockout Duration setting denotes how long the account will stay locked once it becomes locked. You can specify a number anywhere between 0 and 99999 minutes. If set to 0, the account will remain locked until explicitly unlocked.

The Account Lockout Threshold setting denotes how many consecutive failed login attempts can occur before the account is locked. You can specify a number anywhere between 0 and 999. If set to 0, the account will never be locked out.

The Reset Account Lockout Counter After setting denotes the amount of time it will take before a locked-out account is automatically unlocked. You can specify a number between 1 and 99999 minutes. If an Account Lockout Threshold is defined, this reset time must be less than or equal to the Account Lockout Duration setting.

After you've made whatever changes you want to the lockout parameters, OK your way out. The settings go into effect immediately.

 This tip (13087) applies to Windows 7 and 10.

Author Bio

Barry Dysert

Barry has been a computer professional for over 30 years, working in different positions such as technical team leader, project manager, and software developer.  He is currently a senior software engineer with an emphasis on developing custom applications under Microsoft Windows. ...

MORE FROM BARRY

Changing How User Account Control Works

The User Account Control (UAC) model allows an administrator to control when (or if) they are to be notified when a ...

Discover More

Getting Rid of Notification Area Icons

Getting notified of events can be useful, but if the notification icons get too numerous you may wish to turn some off. This ...

Discover More

Controlling the Size of the Windows Page File

The Windows page file is crucial to optimal system performance. This tip shows you how to control its size.

Discover More
More WindowsTips

Understanding Windows SIDs

This tip presents some information about Windows SIDs (Security Identifiers) and shows you some tools that you can use to ...

Discover More

Recovering a Forgotten Administrator Password

Forgetting your administrator password may be cause for panic because there is no supported way to discover it. Before you ...

Discover More

Modifying How Windows Notifies You of Impending Changes

Part of the security system built into Windows involves notifying you when changes are about to occur to your system. Here's ...

Discover More
Subscribe

FREE SERVICE: Get tips like this every week in WindowsTips, a free productivity newsletter. Enter your address and click "Subscribe."

View most recent newsletter.

Comments

If you would like to add an image to your comment (not an avatar, but an image to help in making the point of your comment), include the characters [{fig}] in your comment text. You’ll be prompted to upload your image when you submit the comment. Maximum image size is 8Mpixels. Images larger than 600px wide or 1000px tall will be reduced. Up to three images may be included in a comment. All images are subject to review. Commenting privileges may be curtailed if inappropriate images are posted.

What is eight more than 8?

2014-04-29 05:48:56

Steve

Thanks, Barry. That answered my question. I have the Premium edition.


2014-04-28 08:06:13

Barry

By chance, is your edition of Windows the "Premium" edition? That flavor of Windows does not include the policy editors. (You'd have to upgrade to "Professional"). If you are running at least Professional, then what happens if you click Start and type "secpol.msc"?


2014-04-28 07:52:41

Steve

My Administrative Tools does not include Local Security Policy. I have Win7 HP 64x. What gives?


Newest Tips
Subscribe

FREE SERVICE: Get tips like this every week in WindowsTips, a free productivity newsletter. Enter your address and click "Subscribe."

(Your e-mail address is not shared with anyone, ever.)

View the most recent newsletter.