How To Block Failed Login Attempts In Windows 7

Step 1 – Launch CMD as an administrator
Click the Start Menu Orb and Type cmd into the search box. Under the programs list that appears Right-Click cmd.exe and Select Run as administrator from the context menu.
Step 2
In the command line, Type in the following command:
net accounts /lockoutthreshold:10
You can replace the number 10 with any number you like, this will determine how many incorrect password attempts can occur before a lockout is initiated. Personally, 20 or even 30 should be fine but 10 is a good number for most people even if you commonly fat finger your password.
Step 3 – Set the account lockout duration
By default, when your account is locked due to the X failed attempts you set above, your account will be locked out for 30 minutes. I personally think that’s a bit excessive. My recommendation is you change it to something like 3 or 5 minutes so even if you fat finger your password, you only need to wait a few minutes to try your password again. You can change this using the following command:
net accounts /lockoutduration:30
The lockout duration can be set to any value between 1 and 99,999 minutes.* If you set it to 0, the account will be locked until an Admin unlocks it… Don’t do that.
*This range varies depending on which version of Windows 7 you are running.
Done!
Now whenever someone attempts to break into your computer by guessing your password Windows will lock them out!
3 Comments
Leave a Reply
Leave a Reply

Alex
Thanks. This is very handy. I just wonder how would you check the current status? I believe we have it set already by GPO. Thanks
Mary McDonald
I tried this on my Win7/system32 laptop and was told that ‘/’ was not a valid command, it did not recognize ‘lockoutthreshold’ and & wanted a vertical bar, not a colon after the ‘forcelogoff’ command. After several attempts it accepted part of the syntax “net accounts \ forcelogoff|10”. It did not accept “10” after the vertical bar. The message said: ’10’ is not recognized as an internal or external command, operable program or batch file. When I typed ‘net accounts’ (by itself), it gave me a listing of settings, which included ‘NEVER’ for the Lockout Threshold. Lockout duration is 30 minutes. Any suggestions?
brett
Ya, go re-install windows 7, seems like someone messed up your +COM files or your firewall / antivirus over ride your base settings. try using outpost firewall with a separate antivirus i.e. nod32 by eset