Microsoft enables the Account Lockout Policy by default on Windows 11 devices
Windows 11 now enables its Account Lockout Policy by default: user accounts, including the built-in Administrator account, are automatically locked for 10 minutes after 10 consecutive failed sign-in attempts.
Windows' Account Lockout Policy is a threshold setting that determines how many failed sign-in attempts are allowed before an account is locked. Until now the threshold defaulted to 0 (no lockout), which left an attacker free to guess a password with automated tools for as long as it took. On the latest Windows 11 builds the account is locked once the wrong password has been entered 10 times in a row.
David Weston, Microsoft's Vice President for Enterprise and OS Security, said: "Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks – this control will make brute forcing much harder which is awesome!"
Microsoft officials also said that when the password is unknown, threat actors commonly try large numbers of credentials against the Remote Desktop Protocol to break into Windows systems. According to the same sources, brute-forced RDP credentials have played a part in the compromise of roughly 70-80% of breached enterprise networks.
The Account Lockout Policy is also available on Windows 10, but there it is not enabled by default: an administrator has to configure it in the Group Policy Management Console (or the Local Group Policy Editor) under Computer Configuration > Windows Settings > Security Settings > Account Policies > Account Lockout Policy. Microsoft has stated that the feature will particularly help teleworkers, whose remote access exposes organizational networks to continuous attack.
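As an added example (this is my own script, not code from the article or from Microsoft), the following PowerShell reads the local Account Lockout Policy from a `secedit` export, applies the Windows 11 defaults with `net accounts` on a Windows 10 host where the policy is still disabled, and re-checks the result. The function names are hypothetical, and the `AllowAdministratorLockout` INF key, which I assume corresponds to the newer "Allow Administrator account lockout" setting, is simply reported if present; it does not appear in Windows 10 exports.

```powershell
# Added example, not from the article or from Microsoft. Run from an elevated
# PowerShell prompt. Function names are this example's own.

function Get-LocalLockoutPolicy {
    # secedit writes a UTF-16 INF whose [System Access] section carries the
    # lockout values. Get-Content honours the BOM, so no encoding flag is needed.
    $inf = Join-Path $env:TEMP 'lockout-policy-export.inf'
    & secedit.exe /export /cfg $inf /areas SECURITYPOLICY /quiet | Out-Null
    $policy = @{}
    foreach ($line in Get-Content -Path $inf) {
        # LockoutBadCount   = failed attempts before lockout (0 = policy disabled)
        # LockoutDuration   = minutes locked (-1 = until an administrator unlocks)
        # ResetLockoutCount = minutes before the failed-attempt counter resets
        # AllowAdministratorLockout = assumed key name; only on newer Windows 11 builds
        if ($line -match '^(LockoutBadCount|LockoutDuration|ResetLockoutCount|AllowAdministratorLockout)\s*=\s*(-?\d+)') {
            $policy[$Matches[1]] = [int]$Matches[2]
        }
    }
    Remove-Item -Path $inf -ErrorAction SilentlyContinue
    return $policy
}

function Set-LocalLockoutPolicy {
    param(
        [ValidateRange(0, 999)]   [int]$Threshold = 10,        # 0 turns the policy off
        [ValidateRange(1, 99999)] [int]$DurationMinutes = 10,
        [ValidateRange(1, 99999)] [int]$WindowMinutes = 10
    )
    # Windows rejects a reset window that is longer than the lockout duration.
    if ($WindowMinutes -gt $DurationMinutes) {
        throw "Reset window ($WindowMinutes min) must not exceed lockout duration ($DurationMinutes min)."
    }
    & net.exe accounts "/lockoutthreshold:$Threshold" `
                       "/lockoutduration:$DurationMinutes" `
                       "/lockoutwindow:$WindowMinutes" | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "net accounts failed with exit code $LASTEXITCODE" }
}

function Test-LockoutPolicyBaseline {
    # True when the host is at least as strict as the Windows 11 default:
    # lockout enabled, at most 10 attempts, locked for 10+ minutes (or until unlocked).
    param([hashtable]$Policy = (Get-LocalLockoutPolicy))
    $thresholdOk = ($Policy.LockoutBadCount -gt 0) -and ($Policy.LockoutBadCount -le 10)
    $durationOk  = ($Policy.LockoutDuration -ge 10) -or ($Policy.LockoutDuration -eq -1)
    return ($thresholdOk -and $durationOk)
}

# Usage: report the current state, apply the defaults only if needed, re-check.
$before = Get-LocalLockoutPolicy
"Before: threshold=$($before.LockoutBadCount) duration=$($before.LockoutDuration) window=$($before.ResetLockoutCount)"
if (-not (Test-LockoutPolicyBaseline -Policy $before)) {
    Set-LocalLockoutPolicy -Threshold 10 -DurationMinutes 10 -WindowMinutes 10
}
$after = Get-LocalLockoutPolicy
"After:  threshold=$($after.LockoutBadCount) duration=$($after.LockoutDuration) window=$($after.ResetLockoutCount) baselineMet=$(Test-LockoutPolicyBaseline -Policy $after)"
```

On a domain-joined machine the values in the Default Domain Policy override the local ones, so the change has to be made in the GPMC rather than with `net accounts`. Keep the caveat in mind that a lockout policy is also a denial-of-service lever: anyone who can reach the logon surface can lock accounts on purpose, which is one reason the defaults use a short duration and reset window rather than "locked until an administrator unlocks".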