One of the most common ways for hackers with direct or remote (RDP) access to your PC to get into your system is with brute force attacks. These attacks involve guessing an admin’s username and password or using an app or script that can do so. Well, turns out that Microsoft’s now ahead of the game, as a default option in Windows 11 22H2 Insider builds can protect against this (via Bleeping Computer).
More specifically, we’re talking about the account lockout duration option under the local group policy editor. This has usually been turned off and disabled by default in other Windows versions, but Windows 11 22H2 turns it on by default and sets it to 10 invalid login attempts in Windows Insider Preview build 22528.1000, or higher. David Weston, who is the Vice President, OS Security and Enterprise at Microsoft shared the news on his Twitter.
@windowsinsider Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks – this control will make brute forcing much harder which is awesome! pic.twitter.com/ZluT1cQQh0
— David Weston (DWIZZZLE) (@dwizzzleMSFT) July 20, 2022
Microsoft actually has a dedicated blog post on human-operated ransomware attacks and explains how brute force attacks are used to get into PCs. With the account lockout duration option now on by default and set to 10 invalid login attempts, these attacks are much harder now. This is a huge step for cybersecurity, as the FBI’s own data shows that RDP-type attacks are the most common for ransomware attackers, making up 80% of breaches in their data.