网站用户密码猜测工具_如果有人尝试猜测您的密码，如何临时锁定您的PC

网站用户密码猜测工具

If you’re worried about someone trying to guess your Windows password, you can have Windows temporarily block sign in attempts after a specific number of failed attempts.

如果您担心有人试图猜测您的Windows密码，则可以让Windows在特定次数的尝试失败后暂时阻止登录尝试。

Assuming you haven’t set Windows up to sign you in automatically, Windows allows an unlimited number of password attempts for local user accounts at the sign in screen. While it’s handy if you can’t remember your password, it also offers other people who have physical access to your PC an unlimited number of tries to get in. While there are still ways people can bypass or reset a password, setting up your PC to temporarily suspend sign in attempts after several failed attempts can at least help prevent casual break-in attempts if you’re using a local user account. Here’s how to get it set up.

假设您尚未将Windows设置为自动登录 ，则Windows允许在登录屏幕上对本地用户帐户进行无数次密码尝试。 如果您忘记了密码，这很方便，但它也为其他可以物理访问您PC的人提供了无限次数的尝试机会。尽管仍有许多人可以绕过或重设密码 ，然后设置PC如果您使用的是本地用户帐户，则在几次尝试失败后暂时中止登录尝试至少可以帮助防止偶然的闯入尝试。 这是设置方法。

A couple of quick notes before you get started. Using this setting can let somebody prank you by incorrectly entering the password several times and thus locking you out of your PC for a time. It would be wise to have another administrator account that can unlock the regular account.

在您开始之前，请先简单介绍几个注意事项。 使用此设置可以使某些人不正确地输入密码，从而使您恶作剧，从而使您暂时无法进入PC。 拥有另一个可以解锁普通帐户的管理员帐户是明智的。

Also, these settings only apply to local user accounts, and will not work if you sign on to Windows 8 or 10 using a Microsoft account. If you want to use the lockout settings, you’d need to revert your Microsoft account to a local one first. If you prefer to keep using your Microsoft account, you can head to your security settings page and log in. There, you’ll be able to change things like adding two-step verification, setting up trusted devices, and more. Unfortunately, there is no lockout setting for Microsoft accounts that works like the one we’re covering here for local accounts. However, these settings will work just fine for local user accounts in Windows 7, 8, and 10.

另外，这些设置仅适用于本地用户帐户 ，如果您使用Microsoft帐户登录Windows 8或10，则这些设置将不起作用。 如果要使用锁定设置，则需要先将Microsoft帐户还原为本地帐户 。 如果您希望继续使用Microsoft帐户，则可以转到安全设置页面并登录。在那里，您可以更改诸如添加两步验证，设置受信任设备等内容。 不幸的是，没有Microsoft帐户的锁定设置可以像我们在此处介绍的本地帐户那样进行锁定。 但是，对于Windows 7、8和10中的本地用户帐户，这些设置将可以正常使用。

家庭用户：使用命令提示符设置登录限制 (Home Users: Set a Sign In Limit with the Command Prompt)

If you’re using a Home edition of Windows, you’ll need to use the Command Prompt to set a limit on sign in attempts. You can also set the limit this way if you’re using a Pro or Enterprise edition of Windows, but if you are using one of those editions you can do it much more easily using the Local Group Policy Editor (which we cover a bit later in this article).

如果您使用的是Windows的家庭版，则需要使用命令提示符来设置登录尝试的限制。 如果您使用的是Pro或Enterprise版本的Windows，也可以用这种方式设置限制，但是如果使用的是其中一个版本，则可以使用“本地组策略编辑器”(稍后介绍)更轻松地进行设置。在这篇文章中)。

Please note that you’ll need to complete all of the following instructions or you could end up locking yourself out completely.

请注意，您需要完成以下所有说明，否则可能会完全将自己锁定。

To start, you’ll need to open the Command Prompt with administrative privileges. Right-click the Start menu (or hit Windows+X on your keyboard) to open the Power Users menu, then click “Command Prompt (Admin).”

首先，您需要使用管理权限打开命令提示符。 右键单击“开始”菜单(或按键盘上的Windows + X)以打开“高级用户”菜单，然后单击“命令提示符(管理员)”。

Note: If you see PowerShell instead of Command Prompt on the Power Users menu, that’s a switch that came about with the Creators Update for Windows 10. It’s very easy to switch back to showing the Command Prompt on the Power Users menu if you want, or you can give PowerShell a try. You can do pretty much everything in PowerShell that you can do in Command Prompt, plus a lot of other useful things.

注意 ：如果您在Power Users菜单上看到PowerShell而不是Command Prompt，那是Windows 10的Creators Update附带的开关。 如果需要，可以很容易地切换回在“高级用户”菜单上显示命令提示符 ，或者可以尝试使用PowerShell。 您可以在PowerShell中完成几乎可以在命令提示符中执行的所有操作，以及许多其他有用的操作。

At the prompt, type the following command and then hit Enter:

在提示符下，键入以下命令，然后按Enter：

net accounts

This command lists your current password policy, which by default should be “Lockout threshold: Never,” which means that your account will not lock you out no matter how many times a password is entered incorrectly.

此命令列出了您当前的密码策略，默认情况下应为“锁定阈值：从不” ，这意味着无论输入了多少次密码错误，您的帐户都不会将您锁定。

You’ll start by setting the lockout threshold to the number of failed sign in attempts you want to allow before sign in is temporarily locked. You can set the number to anything you like, but we recommend setting it to at least three. This way, you have room to accidentally type the wrong password a time or two before locking yourself out. Just type the following following command, substituting the number at the end with the number of failed password attempts you want to allow.

首先，将锁定阈值设置为暂时锁定登录之前要允许的失败登录尝试次数。 您可以将数字设置为任意值，但我们建议至少将其设置为三个。 这样，您就有机会在锁定自己之前一两次偶然输入错误的密码。 只需键入以下命令，最后用您要允许的失败密码尝试次数替换该数字即可。

net accounts /lockoutthreshold:3

Now, you’re going to set a lockout duration. This number specifies how long, in minutes, an account will be locked out if the threshold for failed password attempts is reached. We recommend 30 minutes, but you can set whatever you like here.

现在，您将设置锁定持续时间。 此数字指定如果达到密码尝试失败的阈值，帐户将被锁定多长时间(以分钟为单位)。 我们建议30分钟，但您可以在此处进行任何设置。

net accounts /lockoutduration:30

And finally, you’re going to set a lockout window. This number specifies how long in minutes before the counter for failed password attempts is reset, assuming the actual lockout threshold is not reached. So, for example, say the lockout duration is 30 minutes and the lockout threshold is three attempts. You could could enter two bad passwords, wait 30 minutes after the last bad password attempt, and then have three more tries.  Set the lockout window using the following command, replacing the number at the end with the number of minutes you want to use. Again, we feel like 30 minutes is a good amount of time.

最后，您将设置一个锁定窗口。 此数字指定在未达到实际锁定阈值的情况下，重置尝试密码失败的计数器之前需要等待的分钟数。 因此，例如，锁定时间为30分钟，锁定阈值为3次尝试。 您可以输入两个错误的密码，在最后一次尝试输入错误密码后等待30分钟，然后再尝试三个。 使用以下命令设置锁定窗口，将末尾的数字替换为您要使用的分钟数。 同样，我们觉得30分钟是很长的时间。

net accounts /lockoutwindow:30

When you’re done, you can use the net accounts command again to review your settings. They should look something like the settings below, depending on what you chose.

完成后，您可以再次使用net account命令来查看您的设置。 它们应该看起来像下面的设置，具体取决于您选择的内容。

Now you’re all set.  Your account will automatically prevent people from logging in if the password is entered incorrectly too many times.  If you ever want to change or remove the settings, just repeat the steps with the new options you want.

现在您已经准备就绪。 如果密码输入错误太多次，您的帐户将自动阻止用户登录。 如果要更改或删除设置，只需使用所需的新选项重复这些步骤。

And here’s how it works in practice. The sign in screen gives no indication that a lockout threshold is in place or how many attempts you have. Everything will appear as it always does until you enter enough failed password attempts to meet the threshold. At that point, you’ll be given the following message. And again, there is no indication about how long the account is locked out.

这就是它在实践中的工作方式。 登录屏幕上没有任何迹象表明存在锁定阈值或您尝试了多少次。 一切都会照常出现，直到您输入足够的失败密码尝试达到阈值为止。 届时，您将收到以下消息。 同样，没有迹象表明该帐户被锁定了多长时间。

If you want to turn the setting off, all you have to do is go back into an administrative command prompt and set the account threshold to 0 using the following command.

如果要关闭该设置，您要做的就是回到管理命令提示符，然后使用以下命令将帐户阈值设置为0。

net accounts /lockoutthreshold:0

You don’t need to worry about the other two settings. When you set the lockout threshold to 0, the lockout duration and lockout window settings become inapplicable.

您无需担心其他两个设置。 将锁定阈值设置为0时，锁定持续时间和锁定窗口设置将不适用。

专业版和企业版用户：使用本地组策略编辑器设置登录限制 (Pro and Enterprise Users: Set a Sign In Limit with Local Group Policy Editor)

If you’re using a Pro or Enterprise edition, the easiest way to set a sign in limit is with the Local Group Policy Editor. An important note, though: if your PC is part of a company network, it’s very likely that group policy settings governing the sign in limit are already set at the domain level and will supersede anything you set in local group policy. And if you are part of a company network, you should always check with your admin before making changes like this, anyway.

如果您使用的是Pro或Enterprise版本，则设置登录限制的最简单方法是使用本地组策略编辑器。 不过，重要的提示是：如果您的PC是公司网络的一部分，则很有可能已经在域级别设置了用于管理登录限制的组策略设置，并将取代您在本地组策略中设置的任何内容。 而且，如果您是公司网络的一部分，则在进行此类更改之前，应始终与管理员联系。

Group policy is a powerful tool. If you haven’t used it before, we suggest learning a little more about what it can do before you get started. Also, if you want to apply a policy to only specific users on a PC, you’ll need to perform a few extra steps to get things set up.

组策略是一个强大的工具。 如果您以前从未使用过它，建议您在开始使用之前先了解一些有关它可以做什么的知识。 另外，如果您只想对PC上的特定用户应用策略 ，则需要执行一些额外的步骤来进行设置。

To open Local Group Policy Editor, hit Start, type “gpedit.msc,” and then click the result. Alternatively, if you want to apply the policy to specific users or groups, open the MSC file you created for those users.

要打开本地组策略编辑器，请单击“开始”，键入“ gpedit.msc”，然后单击结果。 或者，如果要将策略应用于特定用户或组，请打开为这些用户创建的MSC文件 。

In Local Group Policy Editor, on the left-hand side, drill down to Computer Configuration > Windows Settings > Security Settings > Account Policies > Account Lockout Policy. On the right-hand side, double-click the “Account lockout threshold” setting.

在本地组策略编辑器的左侧，深入到“计算机配置”>“ Windows设置”>“安全设置”>“帐户策略”>“帐户锁定策略”。 在右侧，双击“帐户锁定阈值”设置。

In the setting’s properties window, note that by default, it’s set “0 invalid logon attempts,” which effectively means that the setting is turned off. To change this, just select a new number greater than one. We recommend setting this to at least three to help ensure you don’t get locked out of your own system when you accidentally type the wrong password yourself. Click “OK” when you’re done.

在设置的属性窗口中，请注意，默认情况下，它设置为“ 0次无效登录尝试”，这实际上意味着该设置已关闭。 要更改此设置，只需选择一个大于1的新数字。 我们建议将此值至少设置为三个，以确保当您不小心键入错误的密码时，不会将您锁定在自己的系统之外。 完成后，单击“确定”。

Windows now automatically configures the two related settings to thirty minutes. “Account lockout duration” controls how long the PC is locked against further sign in attempts when the account lockout threshold you set is met. “Reset account lockout counter after” controls how much time must pass after the last failed password attempt before the threshold counter is reset. For example, say you enter an invalid password and then enter another invalid password right away, but you do not try a third time. Thirty minutes after that second attempt (at least, going by the settings we’ve used here), the counter would reset and you could have another three tries.

Windows现在自动将两个相关设置配置为30分钟。 “帐户锁定持续时间”控制在达到您设置的帐户锁定阈值时，PC被锁定以防止进一步登录尝试的时间。 “之后重置帐户锁定计数器”控制在上次密码尝试失败后必须经过多少时间才能重置阈值计数器。 例如，假设您输入了无效的密码，然后立即输入了另一个无效的密码，但是您没有第三次尝试。 第二次尝试后三十分钟(至少，按照我们在此处使用的设置进行操作)，计数器将重置，您可以再尝试三遍。

You can’t change these values here, so just go ahead and click the “OK” button.

您无法在此处更改这些值，因此只需继续并单击“确定”按钮即可。

Back in the main Local Group Policy Editor window, you’ll see that all three settings in the “Account Lockout Policy” folder have changed to reflect the new configuration. You can change any of the settings by double-clicking them to open their properties windows, but honestly thirty minutes is a pretty solid setting for both lockout duration and resetting the lockout counter.

返回“本地组策略编辑器”主窗口，您将看到“帐户锁定策略”文件夹中的所有三个设置均已更改，以反映新的配置。 您可以通过双击它们来打开其属性窗口来更改任何设置，但是说实话，对于锁定持续时间和重置锁定计数器来说，三十分钟是相当不错的设置。

Once you’ve settled on the settings you want to use, close Local Group Policy Editor. The settings take place immediately, but since they affect sign in, you’ll have to sign out and back in to see the policy in effect. And if you want to turn the whole thing off again, just go back in and change the “Account lockout threshold” setting back to 0.

确定要使用的设置后，请关闭“本地组策略编辑器”。 设置会立即进行，但是由于它们会影响登录，因此您必须先注销然后重新登录才能看到有效的策略。 而且，如果您想再次关闭整个设备，只需返回，然后将“帐户锁定阈值”设置更改为0。

翻译自: https://www.howtogeek.com/howto/29395/temporarily-lock-your-pc-if-somebody-tries-to-guess-your-password/

网站用户密码猜测工具