How Windows 11 Can Protect Your Business Against Brute Force Attacks

Threats to your computer don’t just come from malicious software and shady emails. Some people will try to force their way into your computer by trying as many different passwords as they can until one succeeds. This type of ‘brute force’ attack is common, and one that Windows 11 actively prevents.

Thanks to a recent Windows 11 update, all attempted attacks will now trigger an account lockout policy, which will automatically lock down all user and administrator accounts after ten failed login attempts, preventing the brute force attack from being executed.

As part of ransomware and other malicious attacks, brute force attacks frequently use automated systems to test a huge number of passwords for one or more user accounts. The Covid-19 pandemic forced employees and businesses to adopt and rely on various remote, collaborative solutions. The change in workplace connectivity caused a rapid rise in brute force attacks, which increased from 150,000 per year to more than one million at the onset of the pandemic.

To access a user’s login information, brute force attacks are carried out using scripts and programs that generate millions of password combinations. The attack tries every possible combination to find the password. The length and complexity of the password have a direct impact on how long it takes to reach the correct combination. The new feature locks out attackers as soon as they make their first ten password attempts, thus ending Windows 11-based brute force attacks.

The tech giant advises setting the account lockout threshold to a high enough amount to account for users accidentally mistyping their passwords and limiting the account lockout duration to up to 15 minutes.
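The effect of the threshold and duration settings can be seen by replaying logon attempts against a simplified model of the policy. This is an added example, not Microsoft's code; `LockoutPolicy`, `replay` and the 15-minute counter-reset window are assumptions made for illustration, and the sample attempts are constructed.

```python
from dataclasses import dataclass

@dataclass
class LockoutPolicy:
    threshold: int = 10            # failed attempts before lockout (from the article)
    duration_s: int = 15 * 60      # lockout duration: the article's 15-minute upper bound
    reset_after_s: int = 15 * 60   # assumed counter-reset window, not given in the article

def replay(policy, events):
    """Replay (timestamp_s, password_ok) attempts against one account.

    Returns (outcomes, evaluated), where evaluated counts the attempts whose
    password was actually checked rather than refused because of lockout.
    """
    failures, last_failure, locked_until = 0, None, None
    outcomes, evaluated = [], 0
    for ts, ok in sorted(events):
        if locked_until is not None:
            if ts < locked_until:
                outcomes.append("rejected_locked")   # even a correct password is refused
                continue
            locked_until, failures = None, 0          # lockout expired
        if last_failure is not None and ts - last_failure >= policy.reset_after_s:
            failures = 0                              # quiet period resets the counter
        evaluated += 1
        if ok:
            failures = 0
            outcomes.append("success")
            continue
        failures += 1
        last_failure = ts
        if failures >= policy.threshold:
            locked_until = ts + policy.duration_s
            outcomes.append("failed_lockout_started")
        else:
            outcomes.append("failed")
    return outcomes, evaluated

# Constructed sample data, not real logs.
USER_TYPOS = [(0, False), (5, False), (11, False), (20, True)]  # three typos, then success
AUTOMATED = [(t, False) for t in range(3600)]                   # one wrong guess per second

if __name__ == "__main__":
    for name, ev in (("user typos", USER_TYPOS), ("automated", AUTOMATED)):
        outcomes, evaluated = replay(LockoutPolicy(), ev)
        print(f"{name}: {evaluated}/{len(ev)} attempts evaluated, last={outcomes[-1]}")
```

With these settings, an hour of automated guessing gets only 40 of its 3,600 passwords checked, while a user who mistypes three times is never locked out.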

The action taken by Microsoft is a significant step forward in reducing the impact of one of the most common and basic vulnerabilities affecting end users worldwide. Despite the new approach, users still need to follow good security practices by creating difficult passwords using long character lengths, different character cases, digits, and (where allowed) special characters. Windows 11 versions 22528.1000 and newer will support this new functionality. Windows 10 will also receive the capability, although users will need to explicitly enable the policy.

If you would like to chat about your business’s needs, get in touch with our IT experts.
