Skip to main content
  1. Home
  2. Computing
  3. News

Windows 11 now stops brute force cyberattacks right in their tracks

By

Not all threats to your computer come from viruses and dodgy emails. Some people will simply try to smash their way into your PC by generating as many passwords as possible until they gain access, like a lock picker. Windows 11 can now stop that.

The most recent Windows 11 build blocks these brute force attacks with an Account Lockout Policy. Windows will automatically lock down accounts, including administrator accounts, after 10 failed login attempts.

Recommended Videos

“Win11 builds now have a default account lockout policy to mitigate RDP and other brute force password vectors.” said David Weston, Microsoft vice president of Sscurity and enterprise in a tweet earlier today. “This technique is very commonly used in Human Operated Ransomware and other attacks — this control will make brute forcing much harder, which is awesome!”

Related

@windowsinsider Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks – this control will make brute forcing much harder which is awesome! pic.twitter.com/ZluT1cQQh0

— David Weston (DWIZZZLE) (@dwizzzleMSFT) July 20, 2022

Brute force attacks are a common threat to computers, especially enterprise-level networks with hundreds of employees making their own easy-to-remember passwords. Threat actors employ automated password generators that attempt to login into a computer by generating billions of password combinations. Some programs are sophisticated enough to remember which letter and number combinations were a “hit” and then continue shuffling the remaining characters until it hits on the full password.

Unlike email phishing malware, brute force attacks are operated by a person on the other end who is specifically targeting the victim’s computer or network. Once in, they can load ransomware directly into the network and lock up all the devices tied to it until money is paid. These attacks make up 70% to 80% of all enterprise network breaches, according to the FBI.

With Account Lockout Policy, Microsoft puts an end to brute force. The attackers will get locked out after 10 failed attempts to guess the password, which will happen in a matter of seconds. This feature is available on the most recent Windows 11 builds, from Insider Preview 22528.1000 and newer. In addition to Windows 11, the feature is also coming to Windows 10, although it will not be turned on by default.

Editors’ Recommendations

Topics
Nathan Drescher
Nathan Drescher
Former Digital Trends Contributor
Nathan Drescher is a freelance journalist and writer from Ottawa, Canada. He's been writing about technology from around the…
A forced Windows update is coming next month
Windows 11 logo on a laptop.

Windows 11 version 22H2 will reach its end of servicing next month, and Microsoft has announced a forced update to 23H2 for October 8. This means machines running 22H2 (Home and Pro editions) will stop receiving updates after next month, leaving them vulnerable to security threats. Enterprise, Education, and Internet of Things (IoT) Enterprise editions running version 21H2 will also receive the automatic update.

In a post on the Windows Message Center, Microsoft urges users to update before October 8 or participate in the automatic update to keep themselves "protected and productive" since the monthly Patch Tuesday updates are "critical to security and ecosystem health."

Read more
Don’t use your Windows PC without using these security settings
The Windows Security app in Windows 11.

Historically, Windows has had a bad reputation for security, and there are far more malware strains that target Windows than any other operating system out there -- largely due to the scale of PCs that exist in the world. With such a vast array of potential threats, it’s more important than ever to keep your Microsoft PC safe and protected.

But doing so doesn’t have to be difficult or expensive. In fact, you can start right now with just the computer you own, no extra software necessary. And if you do want to supplement your PC with some of the best Windows apps that will boost your security and privacy, you don’t need to pay a penny.

Read more
There’s a scary new way to undo Windows security patches
Windows 11 logo on a laptop.

Security patches for Windows are essential for keeping your PC safe from developing threats. But downgrade attacks are a way of sidestepping Microsoft's patches, and a security researcher set out to show just how fatal these can be.

SafeBreach security researcher Alon Leviev mentioned in a company blog post that they'd created something called the Windows Downdate tool as a proof-of concept. The tool crafts persistent and irreversible downgrades on Windows Server systems and Windows 10 and 11 components.

Read more