Account Lockout Policy
The Account Lockout node contains the options that control when a user's account will be locked out, or disabled from use, if too many password attempts fail. This is used to make sure that a user's account is not easily compromised if an attacker is trying to determine the user's password. Following are the options contained within this node:
Account Lockout Duration This option specifies how long an account remains in a locked-out state. If it's set to 0, the administrator will have to unlock the account manually. If it's set to any other value, the system will automatically unlock the user's account after the number of minutes specified.
Account Lockout Threshold This option defines the number of attempts that can be made to enter the correct password. Once this number is exceeded, the account will become locked out.
Reset Account Lockout Counter After This option defines the amount of time in minutes that must elapse after a failed logon attempt before the counter is reset to 0. After an invalid password entry is made, the account-lockout counter is incremented by 1. If this number is set to 0, the account lockout counter is reset as soon as the password is entered correctly.
Average user rating: 5 stars out of 1 votes
Post a comment