It appears that the anti-brute-force mechanism that Microsoft implemented in Windows 11 has been working for less than a month, and the company has already decided to expand it to all other supported versions of the operating system.
In an announcement, Microsoft explained that IT administrators can now configure their systems to automatically block these types of attacks against local administrator accounts through group policy.
“In an effort to prevent further brutal attacks/attempts of force, we are implementing account closures for administrator accounts,” Microsoft said. “Beginning with October 11, 2022 or later cumulative updates for Windows, a local policy will be available to enable local administrator account lockouts.”
Test features with Windows 11
Microsoft first introduced the change in late September, with Insider Preview Build 25206, by enabling the SMB authentication rate selector by default. A couple of other settings have been tweaked to make these attacks “less effective” as well.
“The SMB server service now defaults to two seconds between each incoming NTLM authentication failure,” said Ned Pyle, principal program manager in the Microsoft Windows Server engineering group, at the time.
“This means that if an attacker previously sent 300 brute force attempts per second from a client for 5 minutes (90,000 passwords), the same number of attempts would now take a minimum of 50 hours.”
In other words, with the feature turned on, there is a delay between each unsuccessful NTLM authentication attempt, which makes the SMB server service more resilient in the face of brute force attacks.
To turn on the feature, IT administrators must search Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policies for the “Allow administrator account to be closed” policy.
Alongside this change, Microsoft has also changed how all local administrator passwords are set up, requiring at least three of the four basic character types – lowercase letters, uppercase letters, numbers, and symbols.
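To check a machine against the settings described above, the following added example (not Microsoft's code and not part of the original article) audits the [System Access] section of a `secedit /export` file. The sample export is constructed, and the key names `AllowAdministratorLockout`, `LockoutBadCount` and `PasswordComplexity` are security-template names assumed here; they do not appear in the article.

```python
import configparser

# Constructed sample of what `secedit /export /cfg policy.inf` writes.
# Real exports are UTF-16 text; decode the file before passing it in.
SAMPLE_EXPORT = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordLength = 8
PasswordComplexity = 0
LockoutBadCount = 0
AllowAdministratorLockout = 0
[Version]
signature="$CHICAGO$"
Revision=1
"""


def audit_lockout_policy(inf_text):
    """Return findings for the lockout and complexity settings in an export."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.optionxform = str  # keep key names exactly as exported
    parser.read_string(inf_text)
    if not parser.has_section("System Access"):
        return ["no [System Access] section in export"]
    access = parser["System Access"]

    def as_int(key):
        # A key that is missing or non-numeric is reported as None, not 0.
        value = access.get(key, "").strip()
        return int(value) if value.isdigit() else None

    findings = []
    if as_int("AllowAdministratorLockout") != 1:
        findings.append("administrator account lockout is not enabled")
    if not as_int("LockoutBadCount"):
        # Threshold 0 (or absent) means failed logons never lock any account,
        # so enabling administrator lockout alone would have no effect.
        findings.append("lockout threshold is 0, so no account is ever locked")
    if as_int("PasswordComplexity") != 1:
        findings.append("password complexity requirement is not enabled")
    return findings


if __name__ == "__main__":
    for finding in audit_lockout_policy(SAMPLE_EXPORT):
        print("FINDING:", finding)
```

The threshold check matters because the administrator lockout policy only takes effect once the account lockout threshold in the same policy folder is set to a non-zero value.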