Microsoft strengthens defenses against brute force attacks

As part of its efforts to combat cyberattacks on Windows devices, Microsoft has strengthened its defenses against brute force attacks.

A brute force attack is an attack method that involves repeatedly trying every possible combination in order to crack a password or encryption key.

Cybercriminals use this technique to compromise Windows devices.

Without the right security software installed, an attacker can spend as long as needed guessing your account password and attempting to log in illegally.

In particular, if you set a password that is easy to guess, there is a high chance that it will be broken in just a few seconds.

To address this issue, Microsoft has introduced a feature that automatically blocks brute force attacks against local administrator accounts on systems that have applied Windows cumulative updates.

Specifically, the local administrator account lockout policy is enabled by default in cumulative updates released after October 11, 2022.

This lockout policy automatically locks an account after a certain number of consecutive failed login attempts, preventing unauthorized access.

To use this feature, you must enable the setting in the Local Group Policy Editor.

It is highly recommended that you enable this lockout policy, especially in companies and other organizations.

Supported OS: Windows 10, Windows 11 Pro edition or above


Allow administrator account lockout

1. Press Windows key + R to open Run, type "gpedit.msc" and press Enter.

2. The Local Group Policy Editor will open. Navigate to Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Account Policies > "Account Lockout Policy".

Local Group Policy Editor - Account Lockout Policy

If you look to the right of "Allow administrator account lockout," you'll see that it says "Disabled."

3. Double-click "Allow administrator account lockout" to enable it.

"Allow administrator account lockout" properties - description

4. On the Local Security Settings tab, select Enabled and click OK.

"Allow administrator account lockout" properties

Microsoft recommends setting the following three policies as well:

  • "Account lockout threshold"
  • "Reset account lockout counter after"
  • "Account lockout duration"

The recommended values are:

  • "Account lockout threshold": 10 failed logon attempts
  • "Reset account lockout counter after": 10 minutes
  • "Account lockout duration": 10 minutes

Local Group Policy Editor - Account Lockout Policy
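The four settings above can also be checked from an elevated PowerShell prompt. The following is an added example, not part of the original article; it assumes that `secedit` exports these policies under the `[System Access]` key names shown in the comments, and the function name `Get-LockoutPolicy` is made up for this example.

```powershell
# Added example: compare the local lockout policy with the values recommended above.
# Run from an elevated PowerShell session (secedit needs administrator rights).
# Assumption: these are the [System Access] key names secedit uses for the four policies.
$recommended = [ordered]@{
    AllowAdministratorLockout = 1    # "Allow administrator account lockout" = Enabled
    LockoutBadCount           = 10   # Account lockout threshold (failed logon attempts)
    ResetLockoutCount         = 10   # Reset account lockout counter after (minutes)
    LockoutDuration           = 10   # Account lockout duration (minutes)
}

function Get-LockoutPolicy {
    # Export the local security policy to a temporary INF file and parse "Key = number" lines.
    $inf = Join-Path $env:TEMP ("lockout-audit-{0}.inf" -f [guid]::NewGuid())
    try {
        secedit.exe /export /cfg $inf /areas SECURITYPOLICY /quiet | Out-Null
        if ($LASTEXITCODE -ne 0) {
            throw "secedit export failed (exit code $LASTEXITCODE). Is the session elevated?"
        }
        $values = @{}
        foreach ($line in Get-Content -Path $inf) {
            if ($line -match '^\s*(\w+)\s*=\s*(-?\d+)\s*$') {
                $values[$Matches[1]] = [int]$Matches[2]
            }
        }
        return $values
    }
    finally {
        # Do not leave a copy of the exported policy in %TEMP%.
        Remove-Item -Path $inf -ErrorAction SilentlyContinue
    }
}

$current = Get-LockoutPolicy
$report = foreach ($key in $recommended.Keys) {
    # A key that is missing from the export is reported as "not set".
    $actual = if ($current.ContainsKey($key)) { $current[$key] } else { $null }
    [pscustomobject]@{
        Setting     = $key
        Recommended = $recommended[$key]
        Actual      = if ($null -eq $actual) { 'not set' } else { $actual }
        Ok          = ($actual -eq $recommended[$key])
    }
}
$report | Format-Table -AutoSize
if ($report.Ok -contains $false) {
    Write-Warning "One or more lockout settings differ from the recommended values."
}
```

A threshold of 0 means accounts are never locked out, so a `LockoutBadCount` of 0 shows up here as a mismatch.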

For detailed setting instructions, please refer to the following article:

If you enter the wrong password a specified number of times when logging in to Win10/Win11, your account will be locked.
