Question : What means setting: Reset Account Lockout Counter After

Dear Experts, I found this in a book about account lockout settings
But I dont't understand the third item: "Reset Account Lockout Counter After".
Can someone PLEASE explain it to me?

Account Lockout Threshold
This policy configures the number of invalid logon attempts that will trigger account lockout. The value can be in the range of 0 to 999. A value that is too low (as few as three, for example) may cause lockouts due to normal, human error at logon. A value of 0 will result in accounts never being locked out. The lockout counter is not affected by logons to locked workstations.

Account Lockout Duration
This policy determines the period of time that must pass after a lockout before Active Directory will automatically unlock a users account. The policy is not set by default, as it is useful only in conjunction with the Account Lockout Threshold policy. Although the policy accepts values ranging from 0 to 99999 minutes, or about 10 weeks, a low setting (5 to 15 minutes) is sufficient to reduce attacks significantly without unreasonably affecting legitimate users who are mistakenly locked out. A value of 0 will require the user to contact appropriate administrators to unlock the account manually.

Reset Account Lockout Counter After
This setting specifies the time that must pass after an invalid logon attempt before the counter resets to zero. The range is 1 to 99999 minutes, and must be less than or equal to the account lockout duration.

Greetings,

Peter Kiers

Answer : What means setting: Reset Account Lockout Counter After

As an example; if you set the "Account Lockout Threshold" to 6 and a user gets their password wrong 6 times, their account will be locked out for the time set in "Account Lockout Duration". However, if they got it wrong 2 times, that is recorded and remembered for the time set in "Reset Account Lockout Counter After". Therefore if the latter were set to 24 hours, and a user got their password wrong as stated, 2 times when logging on in the morning, if they connect later that same day, they have only 4 attempts (total of 6) before they will be locked out. It is an accumulative counter. It must be set equal to or grater than Account Lockout Duration.

Random Solutions

IIS 4.0 SMTP "Unknown" Error

What the @#@$@ is Tunnel adapter Teredo Tunneling Pseudo-Interface??

Windows 2000 server 0x00007b inaccessible_boot_device

Need messaging solution within a workgroup

IBM Director Agent software consuming 100% CPU resources every now and then!

Proxy on proxy settings

Can connect to internet at work, but not at home

Does an internet map exist that shows the physical location of IP address?

Linux NFS clients report 'Unknown Error 526' with certain characters in filenames on Novell Netware NFS server

Wire guest access possible on Cisco 2106