Here’s how to get it set up.
It would be wise to have another administrator account that can unlock the regular account.
To start, you’ll need to initiate the Command Prompt with administrative privileges.
you might set the number to anything you like, but we recommend setting it to at least three.
Now, you’re going to set a lockout duration.
We recommend 30 minutes, but you’re able to set whatever you like here.
And finally, you’re going to set a lockout window.
So, for example, say the lockout duration is 30 minutes and the lockout threshold is three attempts.
Again, we feel like 30 minutes is a good amount of time.
When you’re done, you could use the net accounts command again to review your controls.
They should look something like the tweaks below, depending on what you chose.
Now youre all set.
Your account will automatically prevent people from logging in if the password is entered incorrectly too many times.
And here’s how it works in practice.
Everything will appear as it always does until you enter enough failed password attempts to meet the threshold.
At that point, you’ll be given the following message.
And again, there is no indication about how long the account is locked out.
You don’t need to worry about the other two prefs.
When you set the lockout threshold to 0, the lockout duration and lockout window prefs become inapplicable.
Group policy is a powerful tool.
To change this, just select a new number greater than one.
Click “OK” when you’re done.
Windows now automatically configures the two related parameters to thirty minutes.
