Windows all: Brute force protection on local accounts

Microsoft reported in July 2022 that it is preparing protection against brute force attacks on its local accounts and 2022.

This protection is now enabled on new Windows 11 PCs and "any new systems that have installed the October 11 updates."

Brute Force

In other words, local accounts on new systems are automatically protected from brute force attacks. But local accounts on old machines are not protected, even if the October.

However system administrators can enable this protection, provided they have on political group.

The following account policies can be configured on any supported version of Windows, provided that the October 2022 security updates.

bf windows
  • Account lockout period: specifies the length of time in minutes that a locked account remains locked before it is automatically unlocked. A duration of 0 keeps the account locked until an administrator manually unlocks it.
  • Account Lockout Limit: specifies the number of failed attempts s required before an account is automatically locked. THE 0 disables auto-lock protection.
  • Allow administrator account lockout: specifies whether administrator accounts can be locked when too many invalid login attempts are logged by the system.
  • Account Lockout Counter Reset: specifies the number of minutes to elapse before the account lockout counter resets to 0.

Let's see how they are enabled or disabled in policies, depending on whether they are enabled by default or not.

  • Search for gpedit and open the Group Policy Editor application.
  • Follow the path: to Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policy or Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policies.
  • There you will find all four policies above.
  • Double-click a policy to change it. All that is required is to change the default values ​​to enable or disable them.

Your computer needs to be restarted for the changes to take effect.

For some systems protection against brute force attacks will be very useful, especially if they are accessible by others. It is quite easy to configure protections in older versions of Windows to reduce the chance of successful attacks.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
windows, brute force, iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).