Windows allows you to temporarily block your account after too many failed login attempts. An additional security measure that avoids the risk of someone accessing your documents when your back is turned, and allows you to see that someone has tried to connect without your consent!
Normally, Windows allows as many login attempts as you want. Unless, of course, you have disabled the password at login. For more security, it is also possible to limit the number of possible unsuccessful attempts. This will have the effect of blocking your account for a certain period of time.
This trick works from Windows 7. If you are using Windows 8 or Windows 10, you will first need to make sure that you are using a local account, and not your Microsoft account. This allows other security measures, such as double factor identification. But does not allow you to temporarily block your account after too many unsuccessful login attempts.
We will soon explain in a guide how to switch from a Microsoft account to a local account.
Get your session blocked after too many fake passwords
This trick uses a command prompt in administrator mode. To launch like this cmd.exe there are several solutions. The simplest is probably to press the keys Windows + X or right-click on the menu Start then click on Command Prompt (Administrator).
You can also, for example, fetch cmd.exe in the file System32 and open it in administrator mode by clicking on the corresponding option in the context menu. Once the window cmd.exe opened :
- type net accounts followed by the key Starter
- You will then have access to the current system security policy, which should give a result similar to the capture below:
In our example, we will set the maximum number of unsuccessful attempts to three, but you can choose any number. Note that in these command line utilities, this is called “Blocking Threshold” or, in the text, lockout threshold.
- So type net /lockoutthreshold:3 followed by the key Starter
We are now going to define the duration of the blocking, which gives in English duration. This is expressed in minutes in the tool NET.
- You might have guessed it, so tap now net /lockoutduration:10 in case you want to block the account for 10 minutes.
Watch out, it's not over! Now you have to tell Windows how long the counter for unsuccessful login attempts is reset (Lockout windows). It seems logical here to model this duration on that of the blocking.
- So the command is net /lockoutwindow:10 again for 10 minutes.
So, the system is in place. And if you want to disable the limitation of attempts later just go through the command net /lockoutthreshold:0 from the command prompt with elevated privileges (administrator mode). Nothing will ever be shown on the login screen but this layout will behave as expected.
- To read also: Windows 10, how to unlock secret settings
When the number of fake logins is reached, it will simply be indicated that the account has been blocked and that you cannot log in. Wait 10 minutes to log in with the correct password!
The editorial advises you:
- Netflix: too many people are using your account, how to identify and block intruders
- Gmail: how to block (and unblock) an email address