To prevent access from the unauthorized persons to the Windows user account, you can change the account lockout settings in every Windows OS!
The solution is easy and not only for Windows XP but also, such as the Windows Vista, 7, 8, 8.1 and all other Windows Server operating systems.
For this, open the local security policy of Windows! The best and fastest way is via the keyboard shortcut [Windows logo]+[R] and run (enter) the command secpol.msc /s in Windows Run dialog! (... see Image-1 Arrow-1)
Account lockout duration
determines the number of minutes a locked-out account remains locked out before automatically becoming unlocked in Windows. The available range is from 0 minutes through 99,999 minutes.
Account lockout threshold
determines the number of failed logon attempts that causes a user account to be locked out from Windows. A locked-out windows user account cannot be used until it is reset by an administrator or until the lockout duration for the account has expired.
Reset account lockout counter after
determines the number of minutes that must elapse after a failed logon attempt before the failed logon attempt counter is reset to 0 bad logon attempts. The available range is 1 minute to 99,999 minutes.
(Image-1) Blocking user account access in Windows!