Starting with Windows 11 Insider Preview build 22528.1000, the OS ships with an account lockout policy enabled by default to block brute-force attacks. The lockout policy was set to limit the number of failed sign-in attempts to 10, for 10 minutes.
“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks – this control will make brute forcing much harder which is awesome.” announced David Weston, Microsoft vice president for enterprise and OS security.
The Account lockout threshold policy sets the number of failed sign-in attempts that will cause a user account to be locked. Once the account has been locked, it cannot be used until an administrator resets it or until the number of minutes specified by the Account lockout duration policy setting expires.
The lockout policy is supported by Windows 10 and some Windows Server builds.
A collateral effect is that threat actors can abuse this feature to launch denial-of-service (DoS) attacks, causing problems for the target organizations.
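The following added example (not from the article or from Microsoft) replays constructed sign-in events through a simplified model of the threshold and duration settings described above, showing both the lockout and the side effect on the legitimate user. The account names, timestamps, and the 10-minute counter-reset window are assumptions made for the illustration.

```python
from datetime import datetime, timedelta

THRESHOLD = 10                    # failed sign-ins before lockout (value from the article)
DURATION = timedelta(minutes=10)  # lockout duration (value from the article)
WINDOW = timedelta(minutes=10)    # assumption: counter-reset window, not stated in the article

def evaluate(events, threshold=THRESHOLD, duration=DURATION, window=WINDOW):
    """Replay (timestamp, account, password_ok) events in time order.

    Returns (lockouts, denied): lockouts holds (account, locked_at, unlocks_at);
    denied holds correct-password sign-ins rejected because the account was locked.
    """
    counters = {}      # account -> (failure count, time of last counted failure)
    locked_until = {}  # account -> time the current lockout expires
    lockouts, denied = [], []
    for ts, account, password_ok in sorted(events):
        if ts < locked_until.get(account, datetime.min):
            if password_ok:
                denied.append((account, ts))  # legitimate user shut out
            continue                          # attempts during a lockout are not counted
        if password_ok:
            counters.pop(account, None)       # a good sign-in clears the counter
            continue
        count, last = counters.get(account, (0, ts))
        if ts - last >= window:
            count = 0                         # earlier failures have aged out
        count += 1
        counters[account] = (count, ts)
        if count >= threshold:
            locked_until[account] = ts + duration
            lockouts.append((account, ts, ts + duration))
            counters.pop(account)
    return lockouts, denied

def sample_events():
    """Constructed data: 40 bad guesses against 'alice' 45 s apart, two real
    sign-ins by alice, and 'bob' mistyping three times before succeeding."""
    t0 = datetime(2022, 7, 21, 9, 0, 0)
    ev = [(t0 + timedelta(seconds=45 * i), "alice", False) for i in range(40)]
    ev += [(t0 + timedelta(minutes=m), "alice", True) for m in (10, 30)]
    ev += [(t0 + timedelta(seconds=s), "bob", False) for s in (10, 20, 30)]
    ev.append((t0 + timedelta(seconds=40), "bob", True))
    return ev

if __name__ == "__main__":
    locks, shut_out = evaluate(sample_events())
    for account, start, end in locks:
        print(f"{account} locked {start:%H:%M:%S} -> {end:%H:%M:%S}")
    print(f"{len(shut_out)} correct-password sign-ins rejected during lockouts")
```

Repeated lockouts of the same account with no successful sign-in in between, as in the sample, are the pattern to alert on when monitoring for lockout-based denial of service.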
(SecurityAffairs – hacking, Windows 11)