Microsoft in late September New tool to defend Windows 11. blocking mechanism brute force attacks it’s already running and the company will expand it to other versions of the operating system.
With the tool, IT administrators can configure systems to: Automatically block brute force attacks. (11) Since Tuesday, the novelty is now available in Windows updates.
The Windows 11 Defense Mechanism came with the Insider Preview Build 25206 update. The build was set to SMB Authentication Speed Limiter by default, 2 seconds between each failed incoming NTLM authentication. This makes the server more resistant to brute force attacks.
“This means that if an attacker previously sent 300 brute-force attempts per second for 5 minutes (90,000 passwords) from a client, the same number of attempts would now take at least 50 hours,” said the lead program manager of the security group. Microsoft Windows Server engineering by Ned Pyle.
How to enable protection
This feature is enabled by IT administrators via Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policies for the “Allow Administrator Account Lockout” policy.
Local administrator passwords also now require at least three of the four basic character types (lower and uppercase letters, numbers, and special characters).
Source: Tec Mundo
