Windows Vista has a lot of great security features. The trouble is that some very useful ones are not turned on by default.
Account auditing is one of them. Why is it good to have it turned on? Because with it disabled practically anyone with physical or remote access to your computer can attempt breaking into your user account for as long as they like. And you wouldn’t even know about it until it’s too late, because audit security policy is not configured to log any account logons, successful or failed, by default. So a hacker will be able to keep trying until he’s successful.
Turning on account auditing is very important – it will let you see who may be trying to break into your account.
To turn on auditing for failed logon events do the following:
- Go to Start and type secpol.msc, then hit Enter
- Navigate through Local Policies and Audit Policy
- Right-click on Audit account logon events policy and go to Properties
- Check the Failure box and click OK
- Right-click on Audit logon events policy and go to Properties
- Check the Failure box and click OK
- Close Local Security Policy editor
From now on your computer will log all failed logon attempts. You will be able to view these logs in Event Viewer (run eventvwr.msc) under Windows Logs and Security.
![[Connotea]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/connotea.png)
![[del.icio.us]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/delicious.png)
![[Digg]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/digg.png)
![[dzone]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/dzone.png)
![[Facebook]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/facebook.png)
![[Fark]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/fark.png)
![[folkd.com]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/folkd.png)
![[Furl]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/furl.png)
![[Kaboodle]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/kaboodle.png)
![[Mister Wong]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/misterwong.png)
![[Mixx]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/mixx.png)
![[MySpace]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/myspace.png)
![[Propeller]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/propeller.png)
![[Reddit]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/reddit.png)
![[Slashdot]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/slashdot.png)
![[Sphere]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/sphere.png)
![[Sphinn]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/sphinn.png)
![[Squidoo]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/squidoo.png)
![[StumbleUpon]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/stumbleupon.png)
![[Technorati]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/technorati.png)
![[Twitter]](http://www.auslogics.com/en/blog/wp-content/plugins/bookmarkify/twitter.png)
it security policy…
Intriguing idea, but I don’t know if I believe you one hundred percent….