Enable Account Lockout Policy And Set Lockout Threshold & Duration In Windows 8 [Tip]

Advertisement

In Windows, User Account holds a lot of personal information related to the owner of that account. If any unauthorized person finds a way of accessing someone else’s account, it can be devastating for the account holder. Most users password-protect their user accounts to secure their personal information. Although it is quite risky, as accounts hold a lot of sensitive information, including financial information, passwords to different email accounts, online services, and communication clients, adding multiple layers of security sometimes makes it annoying for the users themselves to access the required information. Nowadays, smartphones hold as much, if not more, personal information, as computers. They also have the lock screen feature, and anyone attempting to unlock their phone must enter the password or PIN code. Entering the wrong password for a specified number of attempts locks the phone for a defined time. This option is also available in Windows, but it’s disabled by default. In this post, we will explain how you can enable the Account Lockout option, set the number of logon attempts before locking the system, and specify the Account Lockout duration using the Local Group Policy Editor in Windows 8. To begin, make sure that you have logged in as Administrator or have required administrative rights to change local group policies. First off, go to Start Screen, type gpedit.msc, select Apps from the right sidebar, and then click gpedit.msc in the main window.

Start Screen

This will open the Local Group Policy Editor dialog box where you can tweak all the system and user related settings. Now, navigate to the following location.

Computer Configuration/ Windows Settings/ Security Settings/ Account Policies/ Account Lockout Policy

In the main window, you will see 3 Policy settings, named Account lockout duration, Account lockout threshold, and Reset account lockout counter after.

Local Group Policy Editor Account Lockout Policy

First, open the second Policy, Account Lockout threshold. It determines the number of failed logon attempts that locks out the User Account. Set it to any number you like between 0 and 999, and click OK.

Account lockout threshold Properties

This will open another window with suggested settings for the other two Policies. Click OK to close the window.

Suggested Value Changes

Now, open properties for the Account lockout duration policy. It allows you to specify the number of minutes that a locked account remains inaccessible before it automatically becomes unlocked. Set the number of minutes (between 0 and 99,999 minutes) you want the user account to be locked out for and then click OK.

Account lockout duration PropertiesNow, open the third policy called Reset account lockout counter after. It basically determines the time (in minutes) that must elapse after a failed logon attempt before logon attempt counter is reset to 0. Set the time and Click OK to confirm. In the Local Group Policy Editor window, you will be able to see the new settings under the Security Setting section. Local Group Policy Editor

Once you’ve changed the security policy settings, close Local Group Policy Editor, and bring up Run console using the Win+R hotkey combination. Enter gpupdate /force and hit Enter to forcibly apply new policy settings. Now, restart or log off your PC to verify the new policy settings.

Advertisement
  • Sad Windows User

    My copy of windows 8 doesn’t have anything like gpedit.msc so this article is worthless to me!