account lockout: attempts during the lockout
From: James Owens (ad354_at_FreeNet.Carleton.CA)
Date: 07/02/03
- Previous message: Michael Hilton: "Re: Changing Windows system/user accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 2 Jul 2003 15:00:58 GMT
Referring to the account lockout feature of Win2K, which uses three settings:
- Account Lockout Threshold: the number of failed logins that will cause a
lockout
- Account Lockout Duration: the time before a locked out account is unlocked
- Reset Account Lockout After: the time after a failed login until the
failed login counter is reset to zero
What happens if a user who is chronically mistyping the username or
password gets locked out, but instead of waiting the full Duration, goes
to another WS and tries to log in? Is this ignored, so that after the
initial Duration elapses, the account is unlocked? Or does it cause the
Reset to start counting down failed logins again, and if enough are
detected, to start the Duration again from scratch? (This would result in
the user extending the lockout period by trying to log in during the
lockout period.)
--
"For it is only of the new one grows tired. Of the old one never tires."
-- Kierkegaard, _Repetition_
James Owens, Ottawa, Canada
- Previous message: Michael Hilton: "Re: Changing Windows system/user accounts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
