Highlights:
- Using an Account Lockout Policy, the most recent Windows 11 release prevents these brute force attacks. After ten failed login attempts, Windows will automatically lock down all accounts, including administrator accounts.
- Some programs can remember which letter and number combinations resulted in a “hit,” after which they will randomly shuffle the remaining letters until they find the entire password.
Threats to your computer come not just from malicious software and dubious emails. Some people will try to brute force their way into your PC by creating as many different passwords as possible until they succeed, much like a lock picker. Now, Windows 11 can halt all of that.
With the help of an Account Lockout Policy, the most recent Windows 11 release prevents these brute force attacks. After 10 failed login attempts, Windows will automatically lock down all accounts, including administrator accounts.
“Default account lockout policies are now present in Win11 builds to reduce RDP and other brute force password vectors,” In a tweet earlier today, David Weston, vice president of security and enterprise at Microsoft, stated. “This control will make brute forcing harder, which is amazing!” said the user. “This technique is extremely frequently used in Human Operated Ransomware and other attacks.”
Computers frequently face risk from brute force assaults, particularly in workplace networks where hundreds of users create their simple passwords. Threat actors use automated password generators to attempt to log into a computer by making billions of password combinations. Some programs can remember which letter and number combinations resulted in a “hit,” after which they randomly shuffle the remaining letters until they find the entire password.
Unlike email phishing software, brute force attacks are operated by a person on the other end, who is aiming particularly at the victim’s machine or network. Once inside, they can upload ransomware directly to the network, locking all connected devices until they receive payment. According to the FBI, these attacks account for 70 to 80 per cent of all enterprise network breaches.
Microsoft ends brute force through the Account Lockout Policy. After 10 unsuccessful attempts to guess the password, the attackers will be immediately locked out. The most current Insider Preview builds of Windows 11 (22528.1000 and newer) include this functionality. Although it won’t be enabled by default, the functionality is also coming to Windows 10 in addition to Windows 11.