Microsoft says that brute force attacks are one of the most common ways cybercriminals target the Windows operating system. These are threats where the attacker uses trial and error to break through encryptions and passwords. Microsoft Security says it is now implementing tools that limit the number of attempts threat actors have to crack accounts.
In theory, attackers have unlimited attempts to try and break a password. If the password is weak, they will likely guess it eventually. Proper security tools provide protection, but Microsoft wants to go further to cover Windows from brute force attacks.
According to the company, it is adding a local policy that will allow IT admins and security teams to configure Windows to automatically block brute force attempts. All that is needed is a Window system that is still in Microsoft support and receives updates.
Microsoft says the new ability is rolling out from October 11, 2022 in the Windows cumulative update packages for October 2022 Patch Tuesday.
Admins need to enable the feature, which can be done by choosing “Allow Administrator account lockout” policy through Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policies in the Local Group Policy Editor.
In a support blog post, Microsoft also tells users that enabling other options in the Account Lockout Policy is helpful. These entries are Account lockout threshold, Account lockout duration, and Reset Account lockout counter.
Microsoft suggests using a 10/10/10 policy. Essentially, this means Windows will automatically lock an account if there are 10 failed password attempts within a 10-minute period, and then keep the account locked for 10 minutes.
People with new hardware running Windows 11 version 2022 will have the lockout policies on by default.
Tip of the day: The Windows Sandbox gives Windows 10/11 Pro and Enterprise users a safe space to run suspicious apps without risk. In out tutorial we show you how to enable the Windows Sandbox feature.