As ransomware attacks continue to surge, Microsoft has taken a major step toward closing off one of the most common methods of gaining unauthorized access to Windows computers: brute-force attacks, in which an attacker repeatedly guesses the login password for one or more accounts on one or more computers in a network.
Microsoft announced today that account lockout now extends to the built-in local Administrator account, a change shipped in the latest Windows cumulative update. The protection is enabled automatically on new machines set up with Windows 11, version 22H2, and on any new machine that receives the October 11, 2022 Windows cumulative update.
For existing computers, the administrator of the computer needs to enable the Allow Administrator account lockout policy under Local Computer Policy/Computer Configuration/Windows Settings/Security Settings/Account Policies/Account Lockout Policy to add this extra layer of protection. The setting only has an effect when the Account lockout threshold in the same folder is set to a nonzero number of failed attempts; with a threshold of 0, no account is ever locked out.
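The same check and change can be scripted. The following PowerShell is an added example, not code from the article or from Microsoft: it exports the effective local security policy with secedit, reads the lockout values, and, when lockout is off or the administrator account is still exempt, applies Microsoft's 10/10/10 defaults. It assumes the exported INF names the new setting AllowAdministratorLockout (the key name as it appears on an updated 22H2 export) and must be run from an elevated prompt.

```powershell
# Added example: audit and enable administrator account lockout on the local machine.
# Run from an elevated PowerShell. Assumption: the INF key for the 22H2 setting
# "Allow Administrator account lockout" is AllowAdministratorLockout.

function Get-LocalLockoutPolicy {
    $inf = Join-Path $env:TEMP ("secpol-{0}.inf" -f [guid]::NewGuid())
    # secedit writes the effective local policy as an INI-style (UTF-16) file.
    secedit /export /cfg $inf /areas SECURITYPOLICY /quiet | Out-Null
    try {
        $section = (Get-Content $inf -Raw) -split '\r?\n\[' |
                   Where-Object { $_ -like 'System Access]*' }
        $values = @{}
        foreach ($line in ($section -split '\r?\n')) {
            if ($line -match '^\s*(\w+)\s*=\s*(.+?)\s*$') { $values[$matches[1]] = $matches[2] }
        }
        # Keys that are absent (e.g. window/duration when lockout is off) read as 0 / $false.
        [pscustomobject]@{
            LockoutBadCount           = [int]$values['LockoutBadCount']     # failed attempts before lockout
            ResetLockoutCount         = [int]$values['ResetLockoutCount']   # counter window, minutes
            LockoutDuration           = [int]$values['LockoutDuration']     # lockout length, minutes
            AllowAdministratorLockout = ($values['AllowAdministratorLockout'] -eq '1')
        }
    } finally { Remove-Item $inf -ErrorAction SilentlyContinue }
}

function Enable-LocalAdministratorLockout {
    param([int]$Threshold = 10, [int]$WindowMinutes = 10, [int]$DurationMinutes = 10)
    # The three numeric values have long-standing net.exe switches.
    net accounts /lockoutthreshold:$Threshold /lockoutwindow:$WindowMinutes /lockoutduration:$DurationMinutes | Out-Null
    # The 22H2 administrator switch has no net.exe equivalent; apply it with a minimal INF template.
    $inf = Join-Path $env:TEMP 'adminlockout.inf'
    $db  = Join-Path $env:TEMP 'adminlockout.sdb'
    @'
[Unicode]
Unicode=yes
[Version]
signature="$CHICAGO$"
Revision=1
[System Access]
AllowAdministratorLockout = 1
'@ | Set-Content -Path $inf -Encoding Unicode
    secedit /configure /db $db /cfg $inf /areas SECURITYPOLICY /quiet | Out-Null
    Remove-Item $inf, $db -ErrorAction SilentlyContinue
}

$before = Get-LocalLockoutPolicy
if ($before.LockoutBadCount -eq 0 -or -not $before.AllowAdministratorLockout) {
    Enable-LocalAdministratorLockout
}
Get-LocalLockoutPolicy | Format-List
```

On a machine that already received the update with the defaults in place, the final listing shows a threshold of 10, a 10-minute window, a 10-minute duration and AllowAdministratorLockout set to True; on an older image the first call typically reports a threshold of 0 and the script turns lockout on.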
Brute-force attacks are particularly concerning because little needs to be known about the system or its users: an attacker can simply cycle through common passwords against any reachable account. The guesses do not even require local access; a barrage of logon attempts can be sent over Remote Desktop Protocol (RDP) to any machine exposing it.
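Each failed guess leaves an event ID 4625 (logon failure) in the Security log, and a lockout leaves a 4740, so the pattern described above is visible before a lockout fires. The following PowerShell is an added example, not part of the article: it flattens 4625 records into a simple shape and flags any source address that exceeds the lockout threshold within the lockout window. The field names IpAddress, TargetUserName and LogonType are the real 4625 EventData names; the sample events are constructed for offline testing, and the live pipeline at the end requires an elevated prompt.

```powershell
# Added example: find RDP password guessing in Security log 4625 events.
# Sample data below is constructed; run the commented Get-WinEvent line for the real log.

function ConvertFrom-FailedLogonEvent {
    # Flatten a live 4625 EventLogRecord into the shape Find-BruteForceSources expects.
    param([Parameter(ValueFromPipeline)] $Event)
    process {
        $data = ([xml]$Event.ToXml()).Event.EventData.Data
        $get  = { param($n) ($data | Where-Object Name -eq $n).'#text' }
        [pscustomobject]@{
            Time      = $Event.TimeCreated
            IpAddress = & $get 'IpAddress'
            User      = & $get 'TargetUserName'
            LogonType = [int](& $get 'LogonType')
        }
    }
}

function Find-BruteForceSources {
    param(
        [Parameter(Mandatory)] [object[]]$Events,
        [int]$Threshold = 10,      # mirrors the lockout default
        [int]$WindowMinutes = 10   # mirrors the lockout counter window
    )
    $window = [timespan]::FromMinutes($WindowMinutes)
    # Logon type 10 = RemoteInteractive (RDP); type 3 appears when NLA rejects the
    # credentials before a session exists. Ignore events with no source address.
    $rdp = $Events | Where-Object { $_.LogonType -in @(3, 10) -and $_.IpAddress -and $_.IpAddress -ne '-' }
    foreach ($group in ($rdp | Group-Object IpAddress)) {
        $times = $group.Group | Sort-Object Time | Select-Object -ExpandProperty Time
        # Sliding window: the most failures any one source produced inside $window.
        $start = 0; $peak = 0
        for ($end = 0; $end -lt $times.Count; $end++) {
            while ($times[$end] - $times[$start] -gt $window) { $start++ }
            $peak = [math]::Max($peak, $end - $start + 1)
        }
        if ($peak -ge $Threshold) {
            [pscustomobject]@{
                IpAddress    = $group.Name
                PeakInWindow = $peak
                Attempts     = $group.Count
                Users        = ($group.Group.User | Sort-Object -Unique) -join ','
            }
        }
    }
}

# Constructed sample: twelve guesses from one source in three minutes (spraying three
# account names), plus three scattered typos from a legitimate user over an hour.
$t0 = Get-Date '2022-10-12T03:00:00'
$sample = @(
    0..11 | ForEach-Object {
        [pscustomobject]@{ Time = $t0.AddSeconds(15 * $_); IpAddress = '203.0.113.45'
                           User = @('Administrator', 'admin', 'backup')[$_ % 3]; LogonType = 3 }
    }
    0..2 | ForEach-Object {
        [pscustomobject]@{ Time = $t0.AddMinutes(30 * $_); IpAddress = '198.51.100.7'
                           User = 'jsmith'; LogonType = 10 }
    }
)
Find-BruteForceSources -Events $sample | Format-Table

# Against the live Security log (elevated):
# Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625 } |
#     ConvertFrom-FailedLogonEvent | Find-BruteForceSources
```

With the sample input only 203.0.113.45 is reported (12 attempts, all 12 inside one window, three user names); the user at 198.51.100.7 never reaches the threshold. The same sliding window is what makes lockout effective against the RDP case: spreading guesses across several account names does not help the attacker when each account is locked after ten failures.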
Bleeping Computer first spotted the news and noted that Microsoft also announced that more complex passwords will be required for local admin accounts on new machines. The rule is Windows' standard complexity requirement: the password must contain characters from at least three of the four basic categories (uppercase letters, lowercase letters, numbers, and symbols), much as many online services demand. This is a critical step, since the administrator account has access to every file on the computer, including system files.
As hacking efforts continue to accelerate, it is important to close every possible weakness. Locking an account after 10 failed attempts within 10 minutes, for 10 minutes, is a common-sense measure that probably should have covered the local Administrator account long ago.