Create an Account Lockout Policy
In my last article I showed you how to protect your computer against anonymous user account attacks by turning on account logon auditing, so you can see when someone attempts to remotely log on to your account. Now I am going to help you increase your level of protection with the Account Lockout Policy.
Creating an Account Lockout Policy will protect your account by limiting the number of times a remote application or attacker can try to guess your password. It works by automatically locking out your account after a designated number of incorrect passwords have been entered. Your account remains locked out for a designated period of time before it is automatically unlocked and can be logged into again. This is a valuable addition to your account security because it can render brute-force password attacks useless. If you have your lockout threshold set to 4 bad attempts and the lockout duration set to 15 minutes, an attacker can try to guess your password a maximum of 16 times per hour.
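The threshold and duration described above can be applied and then read back from an elevated PowerShell prompt. This is an added example, not code from the original article; the 15-minute counter-reset window and the temporary file name are assumptions.

```powershell
# Added example: apply the article's lockout values, then verify them.
# Must be run from an elevated (Administrator) PowerShell prompt.
$threshold = 4    # bad attempts before lockout (value from the article)
$duration  = 15   # minutes the account stays locked (value from the article)
$window    = 15   # minutes until the bad-attempt counter resets (assumed value)

# Apply the local policy with the built-in net.exe.
# The reset window may not be longer than the lockout duration.
net accounts "/lockoutthreshold:$threshold" "/lockoutduration:$duration" "/lockoutwindow:$window" | Out-Null
if ($LASTEXITCODE -ne 0) { throw "net accounts failed; is this prompt elevated?" }

# Export the effective security policy and read the values back.
# The INF key names do not depend on the display language, unlike 'net accounts' output.
$cfg = Join-Path $env:TEMP 'lockout-check.inf'   # assumed temporary file name
secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null

$policy = @{}
Get-Content $cfg | ForEach-Object {
    if ($_ -match '^\s*(LockoutBadCount|LockoutDuration|ResetLockoutCount)\s*=\s*(-?\d+)') {
        $policy[$Matches[1]] = [int]$Matches[2]
    }
}
Remove-Item $cfg -ErrorAction SilentlyContinue

# LockoutBadCount = 0 (or missing) means lockout is disabled and guessing is unlimited.
if (-not $policy.ContainsKey('LockoutBadCount') -or $policy['LockoutBadCount'] -eq 0) {
    Write-Warning 'Account lockout is disabled: password guesses are not limited.'
    return
}

# Worst case for the defender: every lockout period allows one full set of guesses.
$perHour = $policy['LockoutBadCount'] * [math]::Floor(60 / $policy['LockoutDuration'])

[pscustomobject]@{
    Threshold       = $policy['LockoutBadCount']
    DurationMinutes = $policy['LockoutDuration']
    ResetMinutes    = $policy['ResetLockoutCount']
    MaxGuessesPerHr = $perHour
    MatchesIntent   = ($policy['LockoutBadCount'] -eq $threshold -and
                       $policy['LockoutDuration'] -eq $duration)
}
```

If `MatchesIntent` is `False` right after the change, something other than the local policy is setting these values, which on a domain-joined machine is typically a domain policy.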




