How to Record who logged or try to login on PC

How to Record who logged or try to login on PC


Have you ever thought of monitoring who else tried to log on to your PC or user account behind you, now you can monitor the login details on your Windows PC.

Hi everyone, if you are regular reader of our blog, you must be aware how to apply 4 layer of security on your Windows PC to make it secure. If someone tried to access your account then you can audit the logon details, either if successful or not.

Either it happened on PC or via any Network; you can get more detail about how and when who tried to log on to your PC. You must be aware of many software which try different passwords to gain access to your account, you can always have strong monitoring on these attacks.


You can do all these just in few minute. So let’s start with setting up monitoring.

How to enable Login audit/Log for your Windows

You can set up Audit of Log in attempts and record in your windows by editing group policy. You need to provide Administrator Permission to access the group policy and Event viewer.


Step 1
Hit Start Button and type ‘gpedit.msc’ and hit enter once you find it. Provide the access permission.


Step 2
Navigate as follow
Computer Configuration – Windows Settings – Security Settings – Local policies – Audit policies



On Clicking Audit policies, you’ll see some list in right hand main windows area. Locate the ‘Audit Login event’ and double click on it.

Step 3
Now you’ll notice which option to audit, check on Success and failure both. This means whenever a successful or failed attempt will be made, it will be audited in even log. Click 



Apply/OK.


How to View Login Records

You can check the login attempt or log record whenever you wish to. Again you need to be admin of the PC. To check the logs, you need to go to Event Viewer.

Hit start button and Type ‘event viewer’ from start menu click on it and provide the permission if it ask so.



In event viewer, navigate as follows
Windows log – security



In right side, you can view strings like Audit success/Audit failure.

Clicking on each will tell you when and who tried to login to your PC.


Audit success is for Successful Login attempt

Audit failure is for Failed login Attempt.



You can check it frequently and if you want more detail, click on any of the list item, you’ll see more
Security ID, Account name, Account domain, network etc for the login user. You can find and manage the protocol accordingly.
Have safe computing share this post with your friends and let them know. 

Unknown

Unknown

No comments :

Post a Comment

Subscribe to: Post Comments ( Atom )
Powered by Blogger.