Windows 11 is now more secure thanks to a newly added default account lockout policy, intended to mitigate RDP and other brute-force password attack vectors. From what we have gathered, this is a technique mostly used in human-operated ransomware.
Brute Force Attack protection will be enabled by default in Windows 11
“Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks – this control will make brute forcing much harder which is awesome,” according to David Weston, Microsoft vice president for enterprise and OS security.
This new security policy first appeared in Insider Preview build 22528.1000. It limits failed account sign-in attempts to around 10, after which the account is locked out for a maximum of 10 minutes.
We must point out that this feature is not entirely new, as IT security teams have had access to something similar for quite some time. What is new is that Microsoft is rolling it out to regular Windows 11 users, enabled by default, and that is commendable.
For those who are wondering, RDP was one of the top three infection vectors used in ransomware attacks back in 2021, so it comes as no surprise to see Microsoft taking the threat so seriously.
If you want to learn more about Local Security Policy within Windows 11, then we suggest reading how to Harden Windows Login Password Policy & Account Lockout Policy. It will explain how to improve the security of your computer to keep bad actors at bay.
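To make the policy described above concrete, here is an added example (not from the article or from Microsoft) that audits a Windows 11 host's local account lockout settings against the values the article gives (around 10 failed attempts, 10-minute lockout) and lists recent lockout events so you can confirm the control is actually firing. It assumes an elevated PowerShell session; the `$expected` thresholds, the temporary INF path and the function names are this example's own choices. `secedit`, the `[System Access]` INF keys and Security event ID 4740 are standard Windows facilities.

```powershell
# Added example: audit the local account lockout policy and recent lockouts.
# Run from an elevated PowerShell session (secedit needs administrative rights).

# Thresholds taken from the policy described in the article (assumed here as the baseline)
$expected = @{
    LockoutBadCount   = 10   # failed sign-in attempts before the account is locked
    LockoutDuration   = 10   # minutes the account stays locked (-1 = until an admin unlocks it)
    ResetLockoutCount = 10   # minutes before the failed-attempt counter resets
}

function Get-LocalLockoutPolicy {
    # secedit exports the effective local security policy as a Unicode INF file;
    # the lockout settings live in its [System Access] section.
    $inf = Join-Path $env:TEMP 'lockout-audit.inf'   # temporary path chosen for this example
    & secedit.exe /export /cfg $inf /areas SECURITYPOLICY /quiet | Out-Null
    if (-not (Test-Path $inf)) { throw 'secedit export failed; is this session elevated?' }

    $policy = @{}
    foreach ($line in Get-Content $inf -Encoding Unicode) {
        if ($line -match '^\s*(LockoutBadCount|LockoutDuration|ResetLockoutCount)\s*=\s*(-?\d+)') {
            $policy[$matches[1]] = [int]$matches[2]
        }
    }
    Remove-Item $inf -ErrorAction SilentlyContinue
    return $policy
}

function Test-LockoutPolicy {
    param([hashtable]$Policy, [hashtable]$Expected)
    $findings = @()

    # LockoutBadCount = 0 (or absent) means lockout is disabled: unlimited guessing
    if (-not $Policy.ContainsKey('LockoutBadCount') -or $Policy.LockoutBadCount -eq 0) {
        $findings += 'Account lockout is DISABLED (LockoutBadCount = 0): unlimited password guesses allowed.'
        return $findings
    }
    if ($Policy.LockoutBadCount -gt $Expected.LockoutBadCount) {
        $findings += "LockoutBadCount is $($Policy.LockoutBadCount); expected at most $($Expected.LockoutBadCount)."
    }

    # A duration of -1 means manual unlock only, which is stricter, so it is not a finding
    if ($Policy.ContainsKey('LockoutDuration') -and $Policy.LockoutDuration -ne -1 -and
        $Policy.LockoutDuration -lt $Expected.LockoutDuration) {
        $findings += "LockoutDuration is $($Policy.LockoutDuration) minutes; expected at least $($Expected.LockoutDuration)."
    }
    if ($Policy.ContainsKey('ResetLockoutCount') -and $Policy.ResetLockoutCount -lt $Expected.ResetLockoutCount) {
        $findings += "ResetLockoutCount is $($Policy.ResetLockoutCount) minutes; expected at least $($Expected.ResetLockoutCount)."
    }
    return $findings
}

function Get-RecentLockouts {
    # Security event 4740 is written each time an account is locked out.
    param([int]$Hours = 24)
    $filter = @{ LogName = 'Security'; Id = 4740; StartTime = (Get-Date).AddHours(-$Hours) }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
        [pscustomobject]@{
            Time           = $_.TimeCreated
            Account        = $_.Properties[0].Value   # TargetUserName
            CallerComputer = $_.Properties[1].Value   # TargetDomainName holds the caller computer name in 4740
        }
    }
}

$current  = Get-LocalLockoutPolicy
$findings = Test-LockoutPolicy -Policy $current -Expected $expected

'Current lockout policy:'
$current.GetEnumerator() | Sort-Object Name | Format-Table -AutoSize

if ($findings.Count -eq 0) {
    'Lockout policy meets the expected baseline.'
} else {
    'Findings:'
    $findings | ForEach-Object { "  - $_" }
}

'Lockout events (4740) in the last 24 hours:'
Get-RecentLockouts | Format-Table -AutoSize
```

If the audit reports that lockout is disabled or weaker than the baseline, the settings can be brought in line with the built-in `net accounts /lockoutthreshold:10 /lockoutduration:10 /lockoutwindow:10` command, or through Local Security Policy (secpol.msc) under Account Policies, Account Lockout Policy. A steady stream of 4740 events from one caller computer is worth investigating as a possible brute-force attempt against that host.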