Hello,
There is a way to do this from the command line. It is a bit obtuse, but it
works
.
OBLIGATORY WARNING: Improperly changing these settings could render your
computer inoperable.
Step 1 - Create the settings file
- Open notepad
- Copy and paste the following text (between the lines - don't include the
lines) into notepad
---------------------
[Version]
signature="$CHICAGO$"
Revision=1
[System Access]
LockoutBadCount = 0
ResetLockoutCount = 0
LockoutDuration = 0
----------------------
- Change the settings to what you want. Here's a quick and dirty explanation
of the settings:
LockoutBadCount is the account lockout threshold. It is the number of
attempts a user has before their account is locked out. A value of 0 means
unlimited.
LockoutDuration is the account lockout duration. It is the number of minutes
that the account is locked out once a lockout is triggered. If you set
LockoutBadCount, this must have a meaningful value. A value of 0 means that
the account is locked out until an administrator resets it.
ResetLockoutCount is the "Reset account lockout counter after" setting. It
is the amount of time in minutes until the lockout count resets itself to 0
for a specific user after an unsuccessful login attempt. If you set
LockoutBadCount, this must have a meaningful value (between 1 and 99999).
It is recommended that LockoutDuration and ResetLockoutCount have the same
value (unless LockoutDuration is 0).
- In notepad, save the file to your desktop with a filename of sec.txt
Step 2 - Load the settings
- Click start
- Type: cmd.exe
- Right-click cmd.exe when it appears under the "programs" heading
- click Run As Administrator
- In the command prompt, type the following commands exactly as they appear:
cd /d %userprofile%\desktop
secedit /configure /db sec.db /cfg sec.txt /areas securitypolicy
- You should receive a message saying the task has completed successfully
- You can now delete the sec.db and sec.txt files on your desktop
That should do it.
BONUS TIP: You can see all the security settings as they are currently
configured on your computer by issuing this command in an elevated command
prompt:
secedit /export /cfg sec.txt /areas securitypolicy
This will create a settings file named sec.txt with your security policy
settings. You can then load this file into the computer with this command:
secedit /configure /db sec.db /cfg sec.txt /areas securitypolicy
Note again the warning about messing up your computer by changing these
settings.