How-To

How to Keep Your Windows 10 Device Secure When You Are Away from It

By Andre Da Costa

Updated September 24, 2023

Windows 10 offers a number of features that help you prevent unauthorized access to personal information or company data on your PC.

An unsecured PC—be it at work, at home, or in the coffee shop—is a gateway to your personal information or sensitive company data. Fortunately, Windows includes a number of ways to lock or secure your computer when you are away from it. Whether you are stepping away from your desk to run to the kitchenette or closing up shop for the night, getting in the habit of using these Windows security features will help protect your computer and network from unauthorized users.

How to Manually Lock Your Device Before You Walk Away

The easiest command you can use to lock your PC when you need to leave it unattended is Windows key + L. One quick strike of this keyboard command and your device will be immediately locked. If someone tries to use your PC, they will have to enter your password or log in as a different user.

How to Automatically Lock Your Device After a Period of Inactivity

If you have trouble remembering to press Windows key + L every time you get up from your desk, you can use this as an alternate or backup method. To automatically lock your device after you’ve been away for a certain amount of time, you can require a logon after the screensaver is displayed. Click Start, type: screensaver, hit Enter then check the option On resume, display logon screen. Tweak the wait x minutes setting to your preferences—too short a period and you’ll be locking yourself out whenever you stop to read or ponder something on your PC. Too long a period and someone can easily hop on your PC moments after you’ve walked away.

Enable Dynamic Lock (aka “Windows Goodbye”)

The Windows 10 Creators Update includes a new option called Dynamic Lock, which automatically locks your device when you step away. Click Start > Settings > Accounts > Sign-in options, then under Dynamic Lock, toggle on Allow Windows to detect when you’re away and automatically lock the device.

Users will need to pair their device with Windows 10 for the feature to work. Dynamic Lock works with any phone that supports Bluetooth; for my tests, I used my Lumia 625 just to ensure I had a smooth experience. Check out our article for instructions on how to pair a device using Bluetooth in Windows 10. If you experience trouble trying to pair within the modern settings app, try the instructions on how to do so from the classic Devices and Printers Control Panel.

The feature so far is a hit or miss, it occasionally worked; I was able to get it functioning by resetting my Power Settings to default then a restart. I took a stroll out to my chicken coops and came back, but my screen remained unlocked. So, there is still some refinement to be done, but you probably want to register Windows key + L in your memory muscle.

Additional Security Steps

There are additional options you can enable to make your device secure. These should be used in conjunction with locking your screen— either manually or automatically—when you walk away.

Secure Logon can help prevent attempts at trying to guess your password. For example, if a failed attempted is made at logging in after a certain threshold, the machine is locked for a certain amount of time. In order to enable account lockout policies, the computer must be running Windows 10 Pro.  The first thing you need to do is enable a secure login. Press Windows key + R then type: control userpasswords then hit Enter. Select the Advanced tab then check the box Require users to press Ctrl+Alt+Delete.

Next, press Windows key + R, type: gpedit.msc then hit Enter. Expand Computer Configuration > Windows Settings > Security Settings then select Account Lockout Policy. Double-click Account lockout threshold then choose a number of invalid login attempts. For my purposes, I chose two. Click Apply then OK.

This will automatically apply a default lockout duration, but you can also modify this to be longer.

Editor’s note: The account lockout threshold and account lockout duration are meant to deter brute force password cracking attempts. An account lockout can always be cleared by an administrator, and if you choose an account lockout duration > 0, then the user can automatically try logging in after a certain amount of time. If you choose an account lockout duration of 0, an administrator is required to clear the lockout.

Two Factor authentication can be an important part of securing your device if you use a Microsoft Account. When enabled and configured, this will prevent hackers from easily compromising contents within your account.

And of course, don’t overlook physical security. Many laptops include support for a Kensington lock, which you can use to secure your device in a physical location.

Windows 10 supports other advanced authentication methods too, such as fingerprint readers or the newer sophisticated biometrics like Windows Hello, which uses facial recognition to identify you. Some of these technologies require specific hardware in order to use them. It goes without saying, none of these security measures work without a strong password. Microsoft Office users can also check out our article about encrypting Office documents. For added security, you can also set up BitLocker Drive encryption for your computer and removable storage devices too.