Date: 2022-07-23

One of the most common ways to maliciously gain access to an account is brute force: trying thousands of possible password combinations until the right one is found. Many platforms already prevent this by capping the number of attempts, but Windows lagged behind on this security feature, until now.

Recent Windows 11 updates have added **an account lockout policy that triggers after 10 failed login attempts** and lasts for 10 seconds. It applies to any type of account on the computer, including the administrator.

Windows 11 now gets to be much more secure

As mentioned above, many hackers use brute force to guess passwords with relatively simple tools. As of Insider Preview build 22528.10000 and later, this is completely blocked by default, which David Weston, a senior Microsoft official, has confirmed.

@windowsinsider Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks – this control will make brute forcing much harder which is awesome! pic.twitter.com/ZluT1cQQh0 — David Weston (DWIZZZLE) (@dwizzzleMSFT) July 20, 2022

Keep in mind that brute forcing is a big problem, especially in enterprise networks where remote desktop use is really common. The attacker's end goal is to introduce ransomware and hijack all the information on a specific server.





This functionality is fully customizable via the registry, as you can see in the screenshot above. You just have to follow the path Computer Configuration\Policies\Windows Settings\Security Settings\Account Policies\Account Lockout Policy. There you can choose the number of attempts allowed before the account is blocked, and the waiting time before trying again.
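To check what a machine actually enforces, the policy can be exported with `secedit /export /cfg lockout.inf /areas SECURITYPOLICY` and audited offline. The script below is an added example, not code from the article or from Microsoft: the function names are hypothetical, the sample exports are constructed, and the default limit of 10 attempts follows the figure quoted above.

```python
# Added example: audit the lockout keys of a `secedit /export` INF file.
# secedit writes the file as UTF-16: open(path, encoding="utf-16").read()
# Constructed sample: lockout enabled with a threshold of 10 attempts.
SAMPLE_ENABLED = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordLength = 0
LockoutBadCount = 10
ResetLockoutCount = 10
LockoutDuration = 10
"""
# Constructed sample: lockout switched off (threshold 0).
SAMPLE_DISABLED = """\
[System Access]
LockoutBadCount = 0
"""


def system_access(inf_text):
    """Return the integer-valued keys of the [System Access] section."""
    values, section = {}, None
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]  # track which INF section we are in
        elif section == "System Access" and "=" in line:
            key, _, val = line.partition("=")
            if val.strip().lstrip("-").isdigit():  # skip non-numeric entries
                values[key.strip()] = int(val)
    return values


def audit_lockout(inf_text, max_attempts=10):
    """Return a list of findings; an empty list means the policy passes."""
    v = system_access(inf_text)
    # Assumption: a missing LockoutBadCount is treated like 0 (no lockout).
    attempts = v.get("LockoutBadCount", 0)
    if attempts == 0:
        return ["lockout disabled: password guesses are unlimited"]
    findings = []
    if attempts > max_attempts:
        findings.append(f"threshold {attempts} exceeds {max_attempts}")
    return findings


if __name__ == "__main__":
    for name, text in (("enabled", SAMPLE_ENABLED), ("disabled", SAMPLE_DISABLED)):
        print(name, audit_lockout(text) or "ok")
```
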

It should be noted that this functionality is also available in Windows 10, although it is not enabled by default. It is complemented by the automatic blocking of macros in Office and the authentication applications in Azure, whose mission is to improve security in this environment.