Keep your hands off my computer! Enabling account lockout policy, lockout threshold, and lock duration in Windows 8
Windows 8 has a login screen allowing for multiple users, each of whom have their account password protected. But given the large amount of personal data in a user’s file, from e-mail, to contacts, to financial and personal information, some users may want to have a lockout policy in place. This will lock an unauthorized user (and you, if you mistype or forget your password too many times) after a specific number of login attempts. The computer will be locked for a period that you specify before a user can try and enter their password again.
Directions on how to set the Lockout Policy in Windows 8 after the jump.
This will open the Local Group Policy Editor, as shown on the right. This is the box where you can adjust the Local Computer Policy settings. From here, go to: Computer Configuration/ Windows Settings/ Security Settings/ Account Policies/ Account Lockout Policy
As shown, there are three policy settings: Account lockout duration, Account lockout threshold, and Reset account lockout counter after.
Open the second choice, Account Lockout threshold. This picks how many times a user can try entering a password before they’re locked out. You can set it to any number between 0 and 999. In this example, we set it to three attempts. Mattering on how forgetful you are, you may want to set it higher. Once you’ve picked a number, click OK.
Another window will automatically open with suggested settings for the other two Policies. Just click OK and close this window, we’ll be going through each setting later.
Next, open the Account lockout duration policy. This is how long the account will stay locked before it becomes unlocked. It can be set anywhere between 0 and 99,999 minutes. If you want to keep people out for awhile, set the number higher. If you just want to make sure that you know before your kid or pesky coworker starts using the computer, set the number lower. In the screenshot on the right, we set the account to be locked for fifteen minutes. Once you’ve picked the time you’d like the lockout to last, click OK.
Finally, open Reset account lockout counter after. It sets the time after a failed logon attempt before logon attempt counter is reset to 0. Set the time between 0 and 99,999 minutes (you can do this the same length as the step above) and Click OK to confirm. As shown on the left, if you’ve gone through the above steps, you should now have times and a number of invalid login attempts under the “Security Setting” column.
Once you’re satisfied with your new settings, close Local Group Policy Editor. Start the Run console by pressing the Windows button plus the R key. Type in gpupdate /force and hit Enter to force through your settings. Either restart or log off your PC to complete the process.
Thanks to Addictive Tips for supplying the screenshots for this post.