Early this week, David Weston, Microsoft’s VP of Security and Enterprise, tweeted the news. Weston claims that the lockout policy is intended to reduce the risk of attacks using the Remote Desktop Protocol (RDP) and other brute force methods. Windows 11 Insider Preview versions 22528.1000 and newer are compatible with the new functionality. Windows 10 will also receive the capability, although users will need to explicitly enable the policy.
To obtain a user’s login credentials, brute force attacks use scripts and programs that generate millions of password combinations. The attack tries every possible combination in an effort to find the password. The length and complexity of the password directly affect how long it takes to find the right combination. The new feature locks attackers out after their first ten password attempts, thus ending Windows 11-based brute force attacks.
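The lockout behaviour described above can be modelled in a few lines. This is an added example, not Microsoft's code: only the ten-attempt threshold comes from the article, while the observation window, the lockout duration, the sliding-window counter and all names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

THRESHOLD = 10          # from the article: ten failed attempts trigger a lockout
WINDOW_MS = 600_000     # assumed: failures older than this stop counting
LOCKOUT_MS = 600_000    # assumed: how long a locked account stays locked

@dataclass
class Account:
    password: str
    failures: list = field(default_factory=list)  # timestamps (ms) of recent failures
    locked_until: int = 0

def attempt(acct, guess, now_ms):
    """Process one logon attempt; return 'locked', 'ok' or 'fail'."""
    if now_ms < acct.locked_until:
        return "locked"  # the guess is never compared with the password
    # Simplified model: count only failures inside the observation window.
    acct.failures = [t for t in acct.failures if now_ms - t < WINDOW_MS]
    if guess == acct.password:
        acct.failures.clear()
        return "ok"
    acct.failures.append(now_ms)
    if len(acct.failures) >= THRESHOLD:
        acct.locked_until = now_ms + LOCKOUT_MS
        acct.failures.clear()
    return "fail"

def simulate(guesses, interval_ms, password):
    """Replay a guess list at a fixed interval and count each outcome."""
    acct = Account(password)
    counts = {"ok": 0, "fail": 0, "locked": 0}
    for i, guess in enumerate(guesses):
        result = attempt(acct, guess, i * interval_ms)
        counts[result] += 1
        if result == "ok":
            break
    return counts

if __name__ == "__main__":
    # Constructed input: 5,000 wrong guesses followed by the right one,
    # submitted every 200 ms (about 17 minutes of guessing in total).
    wordlist = [f"guess{i}" for i in range(5000)] + ["correct horse"]
    print(simulate(wordlist, 200, "correct horse"))
```

With these assumed timings only 20 of the 5,001 guesses are ever checked against the password, and the correct one arrives while the account is locked and is rejected. The same rejection applies to the legitimate user during a lockout, which is why the lockout duration matters as much as the threshold.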
Despite their age and simplicity, brute force attacks have made something of a comeback because of the demands of the modern workplace. The COVID-19 outbreak compelled many workers and businesses to adopt and rely on different remote solutions. With that change in workplace connectivity, brute force attacks sharply increased, going from 150,000 each year to more than one million at the onset of the pandemic.
The action taken by Microsoft is a significant step toward lessening the impact of one of the oldest and most basic vulnerabilities affecting consumers all across the world. Despite the new restriction, users should continue to follow sound security practices by choosing hard-to-guess passwords with longer character lengths, mixed character case, numerals, and (where allowed) special characters.