Registry Guide for Windows Registry Guide for Windows
Part of the WinGuides Network 		WinGuides Network and Software
Registry tweaks, tricks & hacks to optimize, enhance and secure Microsoft Windows.

Configure Remote Access Client Account Lockout (Windows 2000/XP)
Category: Home > Security > Remote Access

Download this tweak with Tweak Manager!This tweak can be easily applied using WinGuides Tweak Manager.
Download a free trial now!

You can use the remote access account lockout feature to specify how many times a remote access authentication has to fail against a valid user account before the user is denied access. Use this tweak to set the number of failed logins before the account is locked-out and the time before the lockout is reset.

Open your registry and find the key below.

Create a new DWORD value or modify the existing value called "MaxDenials" and set it to the number of failed logins to lockout the account (or 0 to disable lockout).

Create another DWORD value or modify the existing value called "ResetTime (mins)" and set it to the time in minutes that an account should remained locked-out. The default is 2,880 minutes (two days).

Restart Windows or the Remote Access services for the change to take effect.

Registry Editor Example
|NameTypeData|
|(Default)REG_SZ(value not set)|
|MaxDenialsREG_DWORD0x00000005 (5)|
|ResetTime (mins)REG_DWORD0x00000b40 (2880)|
-
|HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parame...|
-

Settings:
System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\
Parameters\AccountLockout]
Name: MaxDenials, ResetTime (mins)
Type: REG_DWORD (DWORD Value)

Disclaimer: Modifying the registry can cause serious problems that may require you to reinstall your operating system. We cannot guarantee that problems resulting from modifications to the registry can be solved. Use the information provided at your own risk.

Last Modified: April 1, 2003

 Return to Index Copyright © 1998-2003. All Rights Reserved.  License