When set to 0, the account will remain locked out until an administrator manually unlocks it. When you define the policy, the default time is 30 minutes.
For example, if the account locks out for two hours, the user can try again after that time. There are three options: ■Īccount lockout duration You can specify the time in minutes that the account can be locked out. Thus, numerous failed logons can indicate that someone is trying a brute-force password attack (trying to keep guessing the password until he or she gets it right).
We can usually assume that a legitimate user might type his or her password incorrectly once or twice, but not numerous times.
Account lockout policies are used by administrators to lock out an account when someone tries to log on unsuccessfully several times in a row.
0 kommentar(er)
