Registry Home > Security > Remote Access

Configure Remote Access Client Account Lockout (Windows 2000/XP)

You can use the remote access account lockout feature to specify how many times a remote access authentication has to fail against a valid user account before the user is denied access. Use this tweak to set the number of failed logins before the account is locked-out and the time before the lockout is reset.

This tweak can be easily applied using WinGuides Tweak Manager.
Download a free trial now!

Open your registry and find the key below.

Create a new DWORD value or modify the existing value called "MaxDenials" and set it to the number of failed logins to lockout the account (or 0 to disable lockout).

Create another DWORD value or modify the existing value called "ResetTime (mins)" and set it to the time in minutes that an account should remained locked-out. The default is 2,880 minutes (two days).

Restart Windows or the Remote Access services for the change to take effect.

Registry Editor Example
|NameTypeData|
|(Default)REG_SZ(value not set)|
|MaxDenialsREG_DWORD0x00000005 (5)|
|ResetTime (mins)REG_DWORD0x00000b40 (2880)|
-
|HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteA...|
-
Registry Settings
System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\
Parameters\AccountLockout]
Value Name: MaxDenials, ResetTime (mins)
Data Type: REG_DWORD (DWORD Value)

>> Recommended Download - check, repair and optimize your registry now with Registry Mechanic <<

Disclaimer: Modifying the registry can cause serious problems that may require you to reinstall your operating system. We cannot guarantee that problems resulting from modifications to the registry can be solved. Use the information provided at your own risk.

Last modified: April 1, 2003