Have you ever worried that a hacker could figure out your login password through a password-guessing attack? Here’s how you can prevent this by temporarily locking your account when the wrong password is entered several times.
Account lockout threshold is a Windows feature that locks a user account after a set number of failed login attempts. In this article we’ll explain two methods of setting the account lockout threshold to limit the number of failed login attempts in Windows 8 and 7.
Tip: If your account is locked out permanently and you can’t log in with any user account, you can unlock your system with PCUnlocker Live CD.
Method 1: Using Local Group Policy Editor
- To open the Local Group Policy Editor, press the Windows key + R and type gpedit.msc in the Run box.
- In the left pane, navigate to Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Account Policies, and click Account Lockout Policy.
- In the right pane, you will see three policy settings, named Account lockout duration, Account lockout threshold, and Reset account lockout counter after.
- Double-click Account lockout threshold, set the number of invalid login attempts you want (between 0 and 999), and click OK.
- Windows will prompt you to set suggested settings for Account lockout duration and the length of time to Reset account lockout counter. You can either click OK to choose the default value or change it later.
Method 2: Using the Command Prompt
However, the above method will not work on Home editions of Windows, as the Group Policy Editor is only available in the Ultimate or Pro versions of Windows. Instead, you can change the account lockout threshold directly from the Command Prompt. Here’s how:
- First you need to open an elevated Command Prompt. In Windows 7, right-click on the Command Prompt in the Start Menu and select Run as Administrator. In Windows 10 or 8, just press the Windows key + X and select Command Prompt (Admin).
- In the Command Prompt, run the command net accounts /lockoutthreshold:(0-999) to change the account lockout threshold. For example, if I want the system to automatically lock out my account after the password is entered incorrectly 3 times, I would type the command below and press Enter.
net accounts /lockoutthreshold:3
- Now, you need to set how long the account will be locked when the password is entered incorrectly. In this example, we set the computer to lock for 30 minutes. But you can choose less or more (between 0 and 99999), depending on your needs.
net accounts /lockoutduration:30
If you set the account lockout duration to 0, a locked-out user account stays locked until an administrator manually unlocks it.
- Once you’re finished, you can run the net accounts command to review your settings.
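The same settings can be applied and then checked from a script. The PowerShell below is an added example, not part of the original article: it sets the threshold and duration used above together with the reset counter (/lockoutwindow is the command-line counterpart of Reset account lockout counter after), then exports the stored policy with secedit and compares it. The 30-minute reset window and the temporary file name are assumptions.

```powershell
# Added example: apply the lockout policy, then verify what Windows stored.
# Run from an elevated PowerShell prompt.
$Threshold = 3    # failed attempts before lockout (value used in the article)
$Duration  = 30   # minutes an account stays locked (value used in the article)
$Window    = 30   # minutes before the failed-attempt counter resets (assumed value)

$id = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($id)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated prompt.'
}
# Windows requires the reset window to be no longer than the lockout duration.
# A duration of 0 (locked until an administrator unlocks) is not handled here.
if ($Window -gt $Duration) {
    throw "Reset window ($Window min) must not exceed lockout duration ($Duration min)."
}

# Set all three values in one call.
net accounts "/lockoutthreshold:$Threshold" "/lockoutduration:$Duration" "/lockoutwindow:$Window"
if ($LASTEXITCODE -ne 0) { throw "net accounts failed with exit code $LASTEXITCODE." }

# Export the stored policy; the INF key names do not depend on the display language.
$cfg = Join-Path $env:TEMP 'lockout-policy-check.inf'   # assumed temporary file name
secedit /export /cfg $cfg /areas SECURITYPOLICY /quiet
if ($LASTEXITCODE -ne 0) { throw "secedit export failed with exit code $LASTEXITCODE." }

$actual = @{}
foreach ($line in Get-Content $cfg) {
    if ($line -match '^(LockoutBadCount|LockoutDuration|ResetLockoutCount)\s*=\s*(-?\d+)') {
        $actual[$Matches[1]] = [int]$Matches[2]
    }
}
Remove-Item $cfg

$expected = @{ LockoutBadCount = $Threshold; LockoutDuration = $Duration; ResetLockoutCount = $Window }
$failed = $false
foreach ($key in $expected.Keys) {
    if ($actual[$key] -eq $expected[$key]) { $state = 'OK' } else { $state = 'MISMATCH'; $failed = $true }
    Write-Output ("{0,-18} expected={1,-4} actual={2,-4} {3}" -f $key, $expected[$key], $actual[$key], $state)
}
if ($failed) { throw 'Lockout policy does not match the intended values.' }
```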
Conclusion
Once the password has been entered incorrectly the set number of times, further login attempts are blocked for a certain time period. Limiting the number of failed login attempts in Windows prevents hackers from guessing your password by continuously entering every possible password combination.