Windows 11 now stops brute force cyberattacks right in their tracks

Not all threats to your computer come from viruses and dodgy emails. Some people will simply try to smash their way into your PC by generating as many passwords as possible until they gain access, like a lock picker. Windows 11 can now stop that.

The most recent Windows 11 build blocks these brute force attacks with an Account Lockout Policy. Windows will automatically lock down accounts, including administrator accounts, after 10 failed login attempts.

“Win11 builds now have a default account lockout policy to mitigate RDP and other brute force password vectors.” said David Weston, Microsoft vice president of Sscurity and enterprise in a tweet earlier today. “This technique is very commonly used in Human Operated Ransomware and other attacks — this control will make brute forcing much harder, which is awesome!”

@windowsinsider Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks – this control will make brute forcing much harder which is awesome! pic.twitter.com/ZluT1cQQh0

— David Weston (DWIZZZLE) (@dwizzzleMSFT) July 20, 2022

Brute force attacks are a common threat to computers, especially enterprise-level networks with hundreds of employees making their own easy-to-remember passwords. Threat actors employ automated password generators that attempt to login into a computer by generating billions of password combinations. Some programs are sophisticated enough to remember which letter and number combinations were a “hit” and then continue shuffling the remaining characters until it hits on the full password.

Unlike email phishing malware, brute force attacks are operated by a person on the other end who is specifically targeting the victim’s computer or network. Once in, they can load ransomware directly into the network and lock up all the devices tied to it until money is paid. These attacks make up 70% to 80% of all enterprise network breaches, according to the FBI.

With Account Lockout Policy, Microsoft puts an end to brute force. The attackers will get locked out after 10 failed attempts to guess the password, which will happen in a matter of seconds. This feature is available on the most recent Windows 11 builds, from Insider Preview 22528.1000 and newer. In addition to Windows 11, the feature is also coming to Windows 10, although it will not be turned on by default.

Today's tech news, curated and condensed for your inbox

Subscribe

Check your inbox!

Please provide a valid email address to continue.

This email address is currently on file. If you are not receiving newsletters, please check your spam folder.

Sorry, an error occurred during subscription. Please try again later.

Privacy Policy Use a different email

Editors' Recommendations

• Ranking all 12 versions of Windows, from worst to best
• Hackers dug deep in the massive LastPass security breach
• Hackers stole $1.5 million using credit card data bought on the dark web
• MacBook butterfly keyboard lawsuit: are you eligible for a payout?
• Lagging in games? This Windows 11 update might fix the problem