Provided is a method for locking computer resources and for accessing locked computer resources. Resources being used by remote users can be locked such that other remote users and local users have restricted access to those resources. The remote user provides the resource to be locked, the type of lock to place on the resource and the duration of the lock. If the resource is available and the user has the proper credentials and the proper access permissions, the resource is locked and a lock token is provided to the remote user. A resource handle is also provided to the remote user. Once a resource has been locked, the lock token must be provided and verified before access to the resource is granted. Because the locks can be discovered, a security token of the owner of the lock is associated with the lock token. The security token of the remote user must also match the security token associated with the stored lock token before access to the resource is granted. The locks can either expire or be refreshed. If a lock expires, it is removed from memory and the resource handle is released. Also, particular user agents are given a fixed lock token in order to access system resources. These particular agents view the resource as locked, but the non-unique fixed lock token indicates to the system that the resource is not in fact locked. Other particular agents are given an extended timeout period to account for real time latencies of the computer system.