How to Change Account Lockout Threshold in Windows 11

This post shows students and new users steps to change account lock threshold in Windows 11.

Windows 11 now has a new account lockout policy to protect users against brute-force password attack.

The Account lockout threshold policy setting determines the number of failed sign-in attempts that will cause a user account to be locked. A locked account cannot be used until you reset it or until the number of minutes specified by the Account lockout duration policy setting expires.

You can set a value from 1 through 999 failed sign-in attempts, or you can specify that the account will never be locked by setting the value to 0.

Starting with Windows 11 build 22528 and higher, a new default policy are as follows:

  • Account lockout threshold is now set to 10 failed sign-in attempts by default
  • Account lockout duration is now set to 10 minutes by default.
  • Allow Administrator account lockout is now enabled by default.
  • Reset account lockout counter after is now set to 10 minutes by default.

Below is how to change the default account lockout threshold in Windows 11.

How to change account lockout threshold in Windows 11

As mentioned above, Windows 11 now has a new account lockout policy to protect users against brute-force password attack.

Below is how to change the default account lockout threshold in Windows 11.

To lock down Proxy settings in Windows, open Local Group Policy Editor by clicking on the Start menu and searching for Edit group policy as highlighted below.

Under Best match, select Edit group policy to launch Local Group Policy Editor.

windows 11 edit group policy

In the left pane of Local Group Policy Editor, expand the tree: 

 Computer Configuration > Windows Settings > Security Settings > Account Lockout Policy

In the Account Lockout Policy details pane on the right, locate and double-click the setting Account lockout threshold.

windows 11 account lockout threshold change

In the Account lockout threshold Properties window, choose a number of invalid logon attempts before an account is locked.

windows 11 change account lockout threshold

Select OK.

Close Local Group Policy Editor.

Alternatively, users can use Windows Terminal to change the account lockout threshold in Windows 11.

o do that, first open Windows Terminal as administrator and select either Windows PowerShell or Command Prompt.

windows terminal run as administrator

Once opened, run the command below to change the account lockout threshold in Windows 11.

net accounts /lockoutthreshold:<number>

Change the <number> to the number of invalid logon attempts before an account is locked.

That should do it!

Conclusion:

This post showed students and new users how the change the account lockout threshold in Windows 11. If you find any error above or have something to share, please use the comment form below.

1 Comment

Leave a Comment

Your email address will not be published.