In my city there was a recent incident that some hackers login to a server by using brute force attack on RDP. I have got a server and I want to enable some security policy to lockout the account if more than 3 constitutive unsuccessful attempts occurs. I have not idea how to implement it?
Could someone please show me the correct direction?
Thank you!
Best Answer
You're thinking about this the wrong way around. RDP should not be accessible from the Internet. Ever.
But... you can specify the number of failed logon attempts before that user account is locked out using local security policy (Security Settings - Account Policies - Account Lockout Policies). However if I recall correctly Account Lockout Policies are not applied to the local administrator account.