iSumsoft » Resources »Windows 10»Limit the Number of Failed Logon Attempts in Windows 10

Limit the Number of Failed Logon Attempts in Windows 10

Usually we set user login password on Windows 10 to prevent others from getting into the computer. However, even if a user login password is set, your computer might still be hacked through password-guessing attack. To prevent or reduce the risk of someone hacking into your computer, in addition to setting up a strong password, you can limit the number of failed logon attempts in Windows 10, so that your account will be locked out after several failed logon attempts. Now this post will show you how to limit the number of failed logon attempts in Windows 10 by configuring the account lockout policy. There are two ways as follows.


Way 1: Limit the number of failed logon attempts through Local Security Policy

Step 1: Open the Local Security Policy through typing local security policy in the Start menu.

open local security policy

Step 2: Expand the Account Polices under Security Settings, and then click on Account Lockout Policy.

Step 3: Double click on the "Account lockout threshold" to configure the policy.

Click Account Lockout Threshold

Step 4: Select the "Local Security Settings" tab, change the number of invalid logon attempts between 0 and 999, and click Apply. The value of Account lockout threshold is 0 by default, which means the account will not lock out no matter how many logon attempts are failed.

change the number of invalid logon attempts

Step 5: You will get a prompt saying that the settings for the "Account lockout duration" item and "Reset account lockout counter after" item will be changed to the suggested values (30 minutes), click OK, and click OK again. You can change the suggested value to your desired value, if you want to.

Click OK

Way 2: Limit the number of failed logon attempts with Command Prompt

Step 1: Run a Command Prompt as administrator.

Step 2: Type net accounts /lockoutthreshold: (0-999) and press Enter key. For example, I want my account to be locked out after five failed logon attempts, so I type this command shown below and press Enter.

set lockout threshold with cmd

Step 3: If you want to change the account lockout duration, type net accounts /lockoutduration: (0-99999) and press Enter. For example, I set the lockout duration to the suggested value (30 minutes), as shown in the figure below. If you set the account lockout duration to 0, the account will be locked out until administrator unlocks it.

set lockout duration

Conclusion: The above two methods of limiting the number of failed logon attempts take effect immediately without requiring you to restart Windows 10.