Brute-force attacks remain one of the most common methods cybercriminals use to crack passwords and encryption keys. Without a lockout control in place, a threat actor gets an unlimited number of attempts to guess an account's password, and it does not take long for such an account to be compromised.
Microsoft is addressing this by letting IT administrators configure any Windows system that receives security updates to block brute-force attacks against the local built-in Administrator account. Starting with the October 11, 2022 Windows cumulative updates (and later), a local policy is available that enables lockout of the Administrator account.
In the Local Group Policy Editor, IT admins can find the "Allow Administrator account lockout" policy under Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Lockout Policy.
Microsoft also recommends configuring the other three settings under Account Lockout Policy: Account lockout duration, Account lockout threshold, and Reset account lockout counter after. With the recommended values, an account is locked out after ten failed sign-in attempts within 10 minutes. The lockout then lasts 10 minutes, after which the account is unlocked automatically.
The Administrator account lockout policy is also enabled by default during system setup on new machines running Windows 11 version 22H2, and on any new machine that has the October 11, 2022 or later Windows cumulative updates installed before the initial setup.
Microsoft will also enforce password complexity for local administrator accounts on new machines: passwords must contain at least three of the four character types (uppercase letters, lowercase letters, numbers, and symbols). According to the software giant, these measures will "further safeguard accounts from being compromised due to a brute force attack."
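For admins who want to audit or apply the lockout and complexity settings described above across many machines rather than clicking through the Local Group Policy Editor, here is an added PowerShell example (not code from the original article or from Microsoft). It exports the local security policy with secedit.exe, reports the Account Lockout Policy and password-complexity values against the 10/10/10 defaults, and with -Apply writes them back. It assumes that secedit exports these values under [System Access] as LockoutBadCount, ResetLockoutCount, LockoutDuration, PasswordComplexity and AllowAdministratorLockout; the last key name is an assumption about the October 2022 update and should be checked against your own export before relying on it. It must run from an elevated prompt.

```powershell
# Added example, not from the original article or from Microsoft. Run elevated.
# Assumption: secedit.exe exports the keys below under [System Access]; the
# AllowAdministratorLockout key name is assumed to be the INF form of the
# "Allow Administrator account lockout" policy. Verify it in your own export.
param([switch]$Apply)

$cfg = Join-Path $env:TEMP 'secpol-export.inf'
$db  = Join-Path $env:TEMP 'secpol-apply.sdb'

# Export the current local security policy so the [System Access] values can be read.
secedit /export /cfg $cfg /quiet | Out-Null
$lines = Get-Content -Path $cfg

function Get-PolicyValue([string[]]$Inf, [string]$Key) {
    # Return the value of "Key = value" from the exported INF, or $null if absent.
    $m = $Inf | Where-Object { $_ -match "^\s*$Key\s*=" } | Select-Object -First 1
    if ($m) { return ($m -replace "^\s*$Key\s*=\s*", '').Trim() }
    return $null
}

# Desired values: ten failures in 10 minutes locks the account for 10 minutes,
# the built-in Administrator may be locked out, and complex passwords are required.
$wanted = [ordered]@{
    'LockoutBadCount'           = '10'  # Account lockout threshold (failed attempts)
    'ResetLockoutCount'         = '10'  # Reset account lockout counter after (minutes)
    'LockoutDuration'           = '10'  # Account lockout duration (minutes)
    'AllowAdministratorLockout' = '1'   # Allow Administrator account lockout (assumed key)
    'PasswordComplexity'        = '1'   # Password must meet complexity requirements
}

Write-Host 'Current Account Lockout / password policy:'
foreach ($k in $wanted.Keys) {
    $cur = Get-PolicyValue $lines $k
    $shown = if ($null -eq $cur) { 'unset' } else { $cur }
    $state = if ($cur -eq $wanted[$k]) { 'OK' } else { 'DIFFERS' }
    Write-Host ('  {0,-26} current={1,-6} wanted={2,-4} {3}' -f $k, $shown, $wanted[$k], $state)
}

if ($Apply) {
    # Rewrite each known key in place; remember which ones were present.
    $out  = New-Object 'System.Collections.Generic.List[string]'
    $seen = @{}
    foreach ($line in $lines) {
        $replaced = $false
        foreach ($k in $wanted.Keys) {
            if ($line -match "^\s*$k\s*=") {
                $out.Add("$k = $($wanted[$k])"); $seen[$k] = $true; $replaced = $true; break
            }
        }
        if (-not $replaced) { $out.Add($line) }
    }
    # Insert any key that was missing directly after the [System Access] header.
    $idx = -1
    for ($i = 0; $i -lt $out.Count; $i++) {
        if ($out[$i] -match '^\[System Access\]') { $idx = $i; break }
    }
    if ($idx -lt 0) { throw 'No [System Access] section found in the secedit export.' }
    foreach ($k in $wanted.Keys) {
        if (-not $seen[$k]) { $out.Insert($idx + 1, "$k = $($wanted[$k])") }
    }
    # secedit expects a Unicode (UTF-16) INF; apply only the security-policy area.
    Set-Content -Path $cfg -Value $out -Encoding Unicode
    secedit /configure /db $db /cfg $cfg /areas SECURITYPOLICY /quiet | Out-Null
    Write-Host 'Applied. Verifying with net accounts:'
    net accounts
}

Remove-Item -Path $cfg, $db -ErrorAction SilentlyContinue
```

Run the script with no switch on a fleet to inventory which machines still have an unlimited lockout threshold (LockoutBadCount of 0 means never lock out), and with -Apply to bring them in line with the 10/10/10 defaults. Note that a 10-minute lockout window also gives an attacker a cheap denial-of-service lever against the Administrator account, which is why Microsoft paired the policy with the complexity requirement rather than relying on lockout alone.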