
Microsoft Debuts New Windows Policies to Prevent Brute Force Attacks

Microsoft says Windows can now automatically block accounts through policies if a brute force attack makes too many password attempts.


Microsoft says that brute force attacks are one of the most common ways cybercriminals target the Windows operating system. These are threats where the attacker uses trial and error to break through encryption and passwords. Microsoft Security says it is now implementing tools that limit the number of attempts threat actors have to crack accounts.

In theory, attackers have unlimited attempts to try to break a password. If the password is weak, they will likely guess it eventually. Proper security tools provide protection, but Microsoft wants to go further to protect Windows against brute force attacks.

According to the company, it is adding a local policy that will allow IT admins and security teams to configure Windows to automatically block brute force attempts. All that is needed is a Windows system that is still supported by Microsoft and receives updates.

Microsoft says the new ability is rolling out from October 11, 2022 in the Windows cumulative update packages for October 2022 Patch Tuesday.

Admins need to enable the feature, which can be done by choosing the “Allow Administrator account lockout” policy under Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policies in the Local Group Policy Editor.



In a support blog post, Microsoft also tells users that enabling other options in the Account Lockout Policy is helpful. These entries are Account lockout threshold, Account lockout duration, and Reset Account lockout counter.

Microsoft suggests using a 10/10/10 policy. Essentially, this means Windows will automatically lock an account if there are 10 failed password attempts within a 10-minute period, and then keep the account locked for 10 minutes.
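
One way to check a machine against these settings, as an added example that is not from Microsoft or the original article: the script exports the local security policy with `secedit` and compares four values to the 10/10/10 recommendation. The INF key names (`LockoutBadCount`, `ResetLockoutCount`, `LockoutDuration`, `AllowAdministratorLockout`) are assumed to match what `secedit` writes on an updated system, and the function and variable names are hypothetical; run it from an elevated PowerShell prompt.

```powershell
# Added example (not from the article): audit local lockout policy against 10/10/10.
# Assumption: the key names below are those secedit writes under [System Access].
$baseline = [ordered]@{
    LockoutBadCount           = 10  # Account lockout threshold (failed attempts)
    ResetLockoutCount         = 10  # Reset Account lockout counter (minutes)
    LockoutDuration           = 10  # Account lockout duration (minutes)
    AllowAdministratorLockout = 1   # Allow Administrator account lockout (1 = enabled)
}

function Get-LocalSecurityPolicy {
    # secedit writes the local policy as an INF file; collect its "Key = number" lines.
    $tmp = Join-Path $env:TEMP ("secpol-{0}.inf" -f [guid]::NewGuid())
    try {
        secedit.exe /export /cfg $tmp /areas SECURITYPOLICY /quiet | Out-Null
        if (-not (Test-Path $tmp)) {
            throw 'secedit export failed (is the prompt elevated?)'
        }
        $values = @{}
        foreach ($line in Get-Content -Path $tmp) {
            if ($line -match '^\s*(\w+)\s*=\s*(-?\d+)\s*$') {
                $values[$Matches[1]] = [int]$Matches[2]
            }
        }
        return $values
    }
    finally {
        # Do not leave the exported policy lying around in %TEMP%.
        Remove-Item -Path $tmp -ErrorAction SilentlyContinue
    }
}

$current = Get-LocalSecurityPolicy
$report = foreach ($key in $baseline.Keys) {
    # A key missing from the export means the setting is not configured.
    $actual = if ($current.ContainsKey($key)) { $current[$key] } else { $null }
    [pscustomobject]@{
        Setting  = $key
        Expected = $baseline[$key]
        Actual   = if ($null -eq $actual) { 'not set' } else { $actual }
        Matches  = ($actual -eq $baseline[$key])
    }
}
$report | Format-Table -AutoSize
if ($report.Matches -contains $false) {
    Write-Warning 'Lockout policy differs from the 10/10/10 recommendation.'
}
```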

People with new hardware running version 2022 will have the lockout policies on by default.


Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.
