Have you ever thought of monitoring who else tried to log on to your PC or user account behind you, now you can monitor the login details on your Windows PC.
Hi everyone, if you are regular reader of our blog, you must be aware how to apply 4 layer of security on your Windows PC to make it secure. If someone tried to access your account then you can audit the logon details, either if successful or not.
Either it happened on PC or via any Network; you can get more detail about how and when who tried to log on to your PC. You must be aware of many software which try different passwords to gain access to your account, you can always have strong monitoring on these attacks.
You can do all these just in few minute. So let’s start with setting up monitoring.
How to enable Login audit/Log for your Windows
You can set up Audit of Log in attempts and record in your windows by editing group policy. You need to provide Administrator Permission to access the group policy and Event viewer.
Step 1
Hit Start Button and type ‘gpedit.msc’ and hit enter once you find it. Provide the access permission.
Step 2
Navigate as follow
Computer Configuration – Windows Settings – Security Settings – Local policies – Audit policies
On Clicking Audit policies, you’ll see some list in right hand main windows area. Locate the ‘Audit Login event’ and double click on it.
Step 3
Now you’ll notice which option to audit, check on Success and failure both. This means whenever a successful or failed attempt will be made, it will be audited in even log. Click
Apply/OK.
How to View Login Records
You can check the login attempt or log record whenever you wish to. Again you need to be admin of the PC. To check the logs, you need to go to Event Viewer.
Hit start button and Type ‘event viewer’ from start menu click on it and provide the permission if it ask so.
In event viewer, navigate as follows
Windows log – security
In right side, you can view strings like Audit success/Audit failure.
Clicking on each will tell you when and who tried to login to your PC.
Audit success is for Successful Login attempt
Audit failure is for Failed login Attempt.
You can check it frequently and if you want more detail, click on any of the list item, you’ll see more
Security ID, Account name, Account domain, network etc for the login user. You can find and manage the protocol accordingly.
Have safe computing share this post with your friends and let them know.
http://Inteligentcomp.com