Microsoft updates Windows 11 to block RDP and other brute force attacks by default
Microsoft has introduced a change to Windows 11 that makes it much harder to use brute force attacks to crack passwords. Starting with the latest Insider builds, there is a new account lockout policy in place by default.
The policy means that should an incorrect password be entered 10 times, the account will be locked for 10 minutes. While this does not make brute forcing impossible by any means, it makes it much harder and more time-consuming, boosting security in an important area.
The new policy can be found in Windows 11 Insider Preview Build 22528.1000 and newer, and it is possible to tweak the settings as required. Users have the option of changing not only the number of incorrect password entries that trigger a lockout, but also how long an account should be locked for.
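As an added example (not from the article or from Microsoft), the lockout settings described above can be audited and applied on a machine with the built-in `net accounts` command; the script assumes a stand-alone host (domain-joined machines take the policy from Group Policy) and an elevated PowerShell session, and the threshold and duration values are the ones quoted in the article.

```powershell
# Added example: audit the local account lockout policy and, if it is weaker
# than the new Windows 11 default (10 attempts / 10 minutes), set it with the
# built-in "net accounts" command. Assumes an elevated, stand-alone machine.
$Threshold = 10   # incorrect attempts before lockout (article value)
$Minutes   = 10   # lockout duration in minutes (article value)

function Get-LockoutPolicy {
    # Parse the "net accounts" output into a hashtable of the lockout settings.
    $policy = @{}
    foreach ($line in (net accounts)) {
        if ($line -match '^Lockout threshold:\s+(.+)$')                      { $policy.Threshold = $Matches[1].Trim() }
        if ($line -match '^Lockout duration \(minutes\):\s+(\d+)')           { $policy.Duration  = [int]$Matches[1] }
        if ($line -match '^Lockout observation window \(minutes\):\s+(\d+)') { $policy.Window    = [int]$Matches[1] }
    }
    return $policy
}

$current = Get-LockoutPolicy
Write-Host "Current policy: threshold=$($current.Threshold) duration=$($current.Duration)m window=$($current.Window)m"

# A threshold of "Never" means no lockout at all, i.e. unlimited password guesses.
$needsFix = ($current.Threshold -eq 'Never') -or
            ([int]$current.Threshold -gt $Threshold) -or
            ($current.Duration -lt $Minutes)

if ($needsFix) {
    # The observation window must not exceed the lockout duration, so set both equal.
    net accounts /lockoutthreshold:$Threshold /lockoutduration:$Minutes /lockoutwindow:$Minutes
    Write-Host "Lockout policy set to $Threshold attempts / $Minutes minutes."
} else {
    Write-Host "Lockout policy already meets or exceeds the default."
}

# Defender check: list recent account lockout events (Security event ID 4740)
# so you can see whether the policy is actually firing against guessing attempts.
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4740 } -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, @{ n = 'Account'; e = { $_.Properties[0].Value } }
```

Auditing the Security log requires the session to be elevated; the 4740 query returns nothing (rather than an error) on hosts where no lockout has occurred yet.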
In a tweet, Microsoft's vice president of OS security and enterprise, David Weston, announced the change saying: "Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors".
In later tweets he also confirmed that the same security feature will be backported to Windows 10 and Windows Server.
Reacting to the news, a spokesperson for security firm and MFA maker Token said:
This is a smart update from Microsoft, but it means that attackers will redouble efforts at gaining access to enterprises through other methods such as compromising user logins. Ransomware gangs aren't simply going to give up and go away.