Mmm, that turns me on! Windows 11 22H2 is currently in testing, available for Insiders with a massive list of changes and new features fitting for the first update for the operating system.
Many of these improvements are visible to users, but some are not. One change in the second category is one you will have to dig deeper to uncover.
It is improved protection against brute force attacks.
While this is the norm on other platforms and services, it is only now being rolled out on Windows. Microsoft first implemented this in Windows 2000 over two decades ago, but the company is now turning this option on by default.
The switch is flipped, starting with Windows 11 22H2, build 22528.1000 and higher.
Microsoft OS Security and Enterprise VP David Weston recently tweeted about this new protection technique to Insiders.
This security measure works just as you imagine it would. The operating system effectively locks the system after ten failed attempts to guess the local password. This makes it much harder to get into the system using brute force tactics.
According to Weston, brute forcing is very commonly used in human-operated ransomware and other attacks. It is also a popular way for bad actors to get into systems, sometimes using Remote Desktop Protocol (RDP).
David Weston further confirmed that the new lockout policies are coming to Windows 10 as well.
These new policies are available in Local Group Policy Editor by navigating to Computer Configuration > Windows Settings > Security Settings > Account Lockout Policy. By default, Windows 11 locks out after ten failed attempts to guess the password in ten minutes.
But IT admins can configure these values according to their needs.
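For admins who want to verify those values across machines, here is an added example (not Microsoft's code and not from the original article) that audits the `[System Access]` section of a `secedit /export /cfg` policy export against the ten-attempts, ten-minutes default described above. The sample exports are constructed, and using ten minutes as the lockout duration baseline is an assumption of this example.

```python
# Baseline: ten failed attempts within ten minutes, as stated in the article.
# Applying ten minutes to the lockout duration as well is this example's assumption.
BASELINE = {"LockoutBadCount": 10, "ResetLockoutCount": 10, "LockoutDuration": 10}

# Constructed sample exports (not taken from a real machine).
SAMPLE_DEFAULT = """[Unicode]
Unicode=yes
[System Access]
MinimumPasswordLength = 0
LockoutBadCount = 10
ResetLockoutCount = 10
LockoutDuration = 10
NewAdministratorName = "Administrator"
"""
SAMPLE_DISABLED = "[System Access]\nLockoutBadCount = 0\n"
SAMPLE_WEAK = "[System Access]\nLockoutBadCount = 50\nResetLockoutCount = 1\nLockoutDuration = 1\n"

def parse_system_access(inf_text):
    """Return the integer settings found in the [System Access] section."""
    settings, section = {}, None
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "System Access" and "=" in line:
            key, _, value = line.partition("=")
            try:
                settings[key.strip()] = int(value.strip())
            except ValueError:
                pass  # skip non-numeric entries such as NewAdministratorName
    return settings

def audit_lockout(settings):
    """Return a list of findings; an empty list means the baseline is met."""
    threshold = settings.get("LockoutBadCount", 0)
    if threshold == 0:  # the other two keys may be absent when lockout is off
        return ["LockoutBadCount is 0 or missing: accounts never lock out"]
    findings = []
    if threshold > BASELINE["LockoutBadCount"]:
        findings.append(f"LockoutBadCount {threshold} permits more than 10 guesses")
    window = settings.get("ResetLockoutCount", 0)
    if window < BASELINE["ResetLockoutCount"]:
        findings.append(f"ResetLockoutCount {window} min resets the counter too soon")
    duration = settings.get("LockoutDuration", 0)
    # -1 means the account stays locked until an administrator unlocks it
    if duration != -1 and duration < BASELINE["LockoutDuration"]:
        findings.append(f"LockoutDuration {duration} min is shorter than 10")
    return findings

if __name__ == "__main__":
    for name, text in [("default", SAMPLE_DEFAULT), ("disabled", SAMPLE_DISABLED), ("weak", SAMPLE_WEAK)]:
        print(name, audit_lockout(parse_system_access(text)) or "meets baseline")
```

A real export is written as UTF-16, so open it with `encoding="utf-16"` before passing its text to `parse_system_access`.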