The Account auditing feature is related to the security of your system. This feature is kept disabled by default, we will discuss the following two points in this post:
- What Is Account Auditing
- How To Enable Account Auditing In Windows 7
What Is Account Auditing
Whenever you are connected to the Internet, you are at risk. Anyone can try to access your system and if enhanced security is not implemented, then the hacker can steal your confidential data. Account Auditing lets you see who may be trying to break into your account. Whenever someone tries to access your system, an event is generated depending upon whether the access attempt is successful or not. If you have enabled the Account Auditing settings then such type of events are logged in the system and you can view these log files any time to see if someone is accessing your system or not.
How To Enable Account Auditing Settings
Click Start and type secpol.msc, then hit Enter, the Local Security Policy window will be displayed, now navigate to Local Policy > Audit Policy and right click the Audit account logon events policy option and choose Properties.
Now check both the Success and Failure check boxes (By checking both, windows will save the logs of both successful as well as failed attempts, if you wish to save logs of only failed attempts then only check the Failure option).
Now follow the above procedure for Audit Logon events option too.
Right click the Audit logon events option, then choose Properties and check both Success and Failure for this as well. Once done with the settings, click OK.
Now you can see the logs of the login attempts from the Event Viewer, click Start, type Event Viewer and hit Enter. In the Event Viewer window, navigate to the Windows Logs > Security option to see the logs for both the successful and failed logon attempts.