See failed logons in Windows 10

windows windows-10 login
11,102

Yes it is possible. But first you have to enable it in your group policy.

  1. Press Win + R and enter gpedit.msc (folowed by pressing return)
  2. Click through the following tree:

    Computer Configuration → Windows Settings → Security Settings → Local Policies → Audit Policy

  3. On the right panel double-click Audit logon events
  4. Mark Success and Failure (if you want both to be logged)
  5. Confirm those settings by pressing the OK button

You can now find your Audit Failure and Success entries in your eventviewer:

  1. Press Win + R and enter eventvwr (followed by pressing return)
  2. Open the Windows Logs Tree and click on Security

There you will find all entries.

You can also create a filter to only show your successful and failed logon attempts:

  1. On the eventviewer click on Filter Current Log...
  2. Change <All event IDs> to 4624,4625

The eventID 4624 shows your successful attempts, thereas 4625 shows the failed ones.

Remember: you will only find those attempts being logged since you've changed the group policy! So you can't see it for the past.

Share:
11,102

Related videos on Youtube

H. Pauwelyn
Author by

H. Pauwelyn

I'm H. Pauwelyn, I'm working as software and web engineer at Savaco loving AI, robotics, new media, IoT, domotics, the cloud and Lego. The most common programming languages I use are C#, JavaScript, TypeScript and SQL.

Updated on September 18, 2022

Comments

  • H. Pauwelyn
    H. Pauwelyn almost 2 years

    I understand that you can see failed logons in Windows 10 - how can I do that?

    Also, can you filter that by failed or successful logins? This is for Windows 10, Home Edition.

  • H. Pauwelyn
    H. Pauwelyn almost 9 years
    Sorry, but he can't find gpedit.msc.
  • A1985
    A1985 almost 9 years
    Ah you are using the home version... There is no group policy editor included. However you can install it. You can find a how to on the following page: askvg.com/… Even though it's saying that it's for Windows 7 it should be working on Windows 10 too.
  • JW0914
    JW0914 almost 7 years
    Is Local Security Policy [secpol.msc] also not included in Home? If it is, Security Settings - Local Policies - Audit Policy

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Windows 10 Logon Script Execution location
Is it possible to require a TOTP on Windows Login using existing or custom software?
Auto/Automated login after Wake On Lan
Windows preload software before login
Enable auto sign-in on Windows 10
Windows 10 select default login option
Why does Windows magically "couple" some files like this?
Could not initialize class org.codehaus.groovy.reflection.ReflectionCache
MDT 2013 Update 1 - Stalling at "Processing Bootstrap Settings"
Displaying GUI Application in Docker Container on Windows 10 Host Without Linux Servers