Friday 9 October 2020

Windows Account Lockout policy

 When setting up the Windows networks with account lockouts for failed logins I would recommend a 10/10/60 as a baseline

10 Failures over 10 minute with a 60 minute lockout.  the lockout can be longer but I found going lower on the other values can lead to accounts getting locked for Kerberos ticket failures when people leave them self's logged in.

No comments:

Post a Comment