Tweaking Password Policy: Altering Reset Value After Failed Attempts

Tweaking Password Policy: Altering Reset Value After Failed Attempts

Richard Lv13

Tweaking Password Policy: Altering Reset Value After Failed Attempts

Enter the wrong local account password too many times and Windows could lock you out. The system also counts how many failed attempts you make when attempting to sign on to the machine.

Exceed this threshold and you will need this counter to be reset, which you can do by waiting a set amount of time. Here’s how to change the time you must wait in order for the counter to be automatically reset.

Disclaimer: This post includes affiliate links

If you click on a link and make a purchase, I may receive a commission at no extra cost to you.

Reset the Windows Account Lockout Counter in Windows via Local Security Policy

This method should be your preferred choice if the system is running the Pro, Enterprise, or Education edition of Windows 10 or 11.

  1. Press the Windows key + R to open the Run dialogue.
  2. In the text field, type “secpol.msc” and hit Enter.
    Opening security policy via Run option
  3. On the left pane, navigate to Account Lockout Policy under the Account Policies folder.
    Change Windows account lockout in Security Policy
  4. On the right pane, double-click on the Reset account lockout counter after option.
    Windows account logon counter setting
  5. Choose a number between one and 99,999, and hit OK to change how long the system will require to automatically reset any failed logon attempts.
    Set Windows account logon reset timer

How to Change Account Lockout Counter Reset Time via Command Prompt

If the system you’re working with isn’t running the Pro, Enterprise, or Education edition of Windows 10 or 11, you’ll have to change how long before the account lockout counter is reset via the command prompt.

  1. Open command prompt as administrator, also called the elevated command prompt , or Windows PowerShell.
  2. Type the following command into the console and hit Enter:
    net accounts
    Using the command prompt to list Windows account policies
  3. This will pull up information on how long a user has to wait before their account lockout counter is reset. It will be under the heading Lockout observation window.
  1. To change the account lockout counter reset duration on Windows 10 and 11, type the following command into the console and hit Enter:
    net accounts /lockoutwindow:60
    Use the command prompt to change account lockout counter
  2. Replace the number “60” in the command with any other number from one to 99,999 to set how many minutes a user will have to wait before their failed logon attempts are reset.

A related setting, the account lock-out duration , must equal or exceed the time for the system to automatically reset the number of failed login attempts. If you want, you can change the account lock-out duration on Windows to something that suits you best.

You can also limit the number of failed logon attempts on Windows with a similar setting change.

https://techidaily.com

Control How Long Before the Incorrect Logon Counter Is Reset

With this setting, you control how long before the counter that keeps track of incorrect logon attempts is reset. Use it in conjunction with the lockout duration option account policy to make things more convenient for local users.

Exceed this threshold and you will need this counter to be reset, which you can do by waiting a set amount of time. Here’s how to change the time you must wait in order for the counter to be automatically reset.

Also read:

  • Title: Tweaking Password Policy: Altering Reset Value After Failed Attempts
  • Author: Richard
  • Created at : 2024-10-30 18:39:01
  • Updated at : 2024-11-01 17:27:21
  • Link: https://win11-tips.techidaily.com/tweaking-password-policy-altering-reset-value-after-failed-attempts/
  • License: This work is licensed under CC BY-NC-SA 4.0.