With the Account Lockout policy in place, you can now enable auditing to see any account attacks which can sometimes come in handy to check unauthorized usage of your Pc. To turn on auditing for failed log-on events, do the following:

Name: Now Audit Your Attackers.jpg Views: 82 Size: 34.3 KB

1. Clic;k the Stan button, type secpol.msc, and click the secpol icon.

2. Click on Local Policies and then Audit Policy.

3. Right-dick on Audit account logon events policy and select Propenies.

4. Check the Failure box and click OK.

5. Right-click on Audit logon events policy and select Propenies.

6. Check the Failure box and click OK.

7. Close the Local Security Policy window.

You can then use the Event Viewer (by running eventvwr.msc) to view the logs under Windows Logs and Security.