The Microsoft description for the setting "Reset account lockout counter after" reads:
“This security setting determines the number of minutes that must elapse after a failed logon attempt before the failed logon attempt counter is reset to 0 bad logon attempts. “
I’m curious if this means the length of time until the counter resets after the *first* failed logon attempt or the *most recent* failed logon attempt.
For example, assume the account lockout policies are as follows:
- Account lockout threshold: 3 invalid logon attempts
- Account lockout duration: 15 minutes
- Reset account lockout counter after: 15 minutes
userA has a failed logon attempt at 8:00am, the counter will reset at 8:15am (because the Reset account lockout counter after is set to 15 minutes.) But then userA has another bad logon attempt (the second of three invalid logon attempts) at 8:14am (a minute before the counter was to reset), does the counter now bump up by 15 minutes again to reset at 8:29am thus giving userA one more chance of my the original three until 8:29am? Or is the counter reset still set for the original 8:15am (15 minutes from the first invalid logon attempt?)