Details

Account lockout threshold



This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout duration for the account has expired. You can set a value between 0 and 999 failed logon attempts. If you set the value to 0, the account will never be locked out.



Failed password attempts against workstations or member servers that have been locked using either CTRL+ALT+DELETE or password-protected screen savers count as failed logon attempts.



Default: 0.


Solution

Policy Path: Account Policies\Account Lockout Policy
Policy Name: Interactive logon: Account lockout threshold


Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.


References


Source