Next Windows 11 delays brute force attacks by default

Martin Brinkmann
Jul 23, 2022
Windows 11 News

Microsoft plans to roll out new default settings in the next major Windows 11 release that delay brute force attacks against accounts on the system.

windows 11 brute force protection

Brute-force attacks are commonly used by threat actors to gain access to systems. Especially Remote Desktop Protocol attacks are frequently used to gain remote access to Windows machines. Microsoft notes that human-operated ransomware attacks use Remote Desktop Protocol brute force attacks frequently to break into accounts.

One of the main shortcomings of Windows is that there is no default limitation that delays brute force attacks. While organizations may implement additional protections, e.g., by going passwordless or enabling two-factor authentication, most Windows systems are not protected against attacks.

Launched in the latest Windows 11 Insider builds and coming soon to all Windows 11 devices is a set of new account lockout policies that improve brute forcing protection on the operating system.

The protections delay brute force attacks by locking accounts after a number of failed login attempts. The default configuration locks accounts after 10 invalid login attempts for 10 minutes. The protection is available for all account types, including administrator accounts, by default.

Windows 11 administrators may change the default configuration using the Group Policy Editor:

  1. Use Windows-R to open the run box.
  2. Type gpedit.msc and hit the Enter-key to load the Group Policy Editor.
  3. Navigate to Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Account Lockout Policy.
  4. A double-click on any of the four listed policies displays options to change the default values.

The four policies in question are:

  • Account lockout duration -- defines the time that the account will be locked if too many invalid login attempts are logged by the Windows 11 system.
  • Account lockout threshold -- defines the number of failed login attempts that Windows uses to determine whether the account should be locked.
  • Allow Administrator account lockout -- whether admin accounts should be locked as well.
  • Reset account lockout counter after -- when the lockout counter is reset.

Closing Words

Microsoft plans to launch the new brute force protections in the next feature update, which is scheduled for a release in the coming months. The new defaults should limit human-operated ransomware attacks that try to brute force their way into Windows PCs significantly.

Now You: what is your take on this new protection?

Next Windows 11 delays brute force attacks by default
Article Name
Next Windows 11 delays brute force attacks by default
Microsoft plans to roll out new default settings in the next major Windows 11 release that delay brute force attacks against accounts on the system.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Anonymous said on July 24, 2022 at 9:42 pm

    In before “hackers exploit account lockdown bug” …

  2. Lawrence said on July 24, 2022 at 12:47 am

    Thank you Martin.

    I’ve used every version of Windows since the beginning (plus DOS before that, alongside Unix) and had no idea this option had become available. Old dogs do like learning new tricks (currently using Linux Mint in tandem with Win10). Much obliged!

    Lawrence (NZ).

  3. Nookie Monster said on July 23, 2022 at 9:24 am

    Everybody knows this is just another trick to force you into using a Microsoft account. There will be cases where some toddler has banged on the keyboard enough times and there will be a nice popup for mommy saying “REGISTER A MICROSOFT ACCOUNT TO UNLOCK YOUR COMPUTER”

  4. userpassadmin said on July 23, 2022 at 9:12 am

    It’s sad not so many people realized that since Windows 7, it’s just Windows 7 + bloatwares and no new features, thanks for your money.

    1. Allwynd said on July 23, 2022 at 12:17 pm

      It’s not that sad when you get newer versions of Windows for free. I agree with you that Windows 7 was the apogee of the Windows OS and every subsequent version has been some form of degradation, but when you don’t have to pay a dime to use the latest, what’s to complain about?

      There is always the free Linux you can move to if you are so upset.

      1. Corky said on July 24, 2022 at 10:37 am

        Newer versions of Windows are not free…

        Upgrading is free (iirc) but this myth of Windows being free seriously needs to die, it’s been debunked so many times and saying it’s free is highly misleading, i mean they’re literally charging people $139 for an OS that’s heavily geared towards advertising their own services and/or anyone who’s willing to bung cash their way.

        And to add insult to injury they’re making people pay $139 for the privilege of being beta testers.

      2. Iron Heart said on July 23, 2022 at 2:52 pm


        Actually the best Windows in terms of engineering is / was Windows 8(.1)…

        It had the lowest RAM usage of all (least amount of processes as well), fastest startup times, full SSD support, no forced updates yet, no ads yet etc.

        Windows 7 and Windows 10, Windows 11 are all more bloated and heavy than that and / or have other issues. Other than the Metro screen Windows 8 was phenomenal, and the Metro screen is only an issue if you don’t know how to install Classic Shell.

        Windows 7 was not much better than later builds of Windows Vista, Windows Vista SP2 is comparable to Windows 7 actually.

      3. Allwynd said on July 25, 2022 at 11:59 am

        @Iron Heart,

        Windows 8 marked the inception of 3rd party start menu replacements and other 3rd party UI enhancements that weren’t aimed at enriching the experience, but restoring it to the state it was before. If you need 3rd party software to restore functionality, that’s already a big drop in rating.

        Maybe if Windows 8 came with an UI identical to Windwos 7, I would have agreed with you, but the bad UI drops it really low.

      4. Frankel said on July 24, 2022 at 1:38 pm

        Lowest RAM usage doesn’t mean anything in terms of performance. And in times where IT professionals roll 32-64GB on their workstation or even daily driver, it is a massive fallacy to equate this to any metric proving the quality of an OS. The constant switching among user applications, several of which may be accessing large amounts of data, reduces the efficiency of LRU-style caching; aggressive prefetching allows each application to perform larger, less frequent I/O transfers, exploiting the disk performance advances. As memory sizes and disk bandwidths continue to increase, and as RAM hungry browsers as Chrome continue to proliferate, the performance benefit of aggressive prefetching will surpass that of caching policies.

  5. Leak said on July 23, 2022 at 8:59 am

    The only new policy here is “Allow Administrator account lockout” – the other settings have always been there since ages ago; it’s just that they weren’t enabled by default…

  6. d3x said on July 23, 2022 at 7:10 am

    Are they retarded? Why whould you want to even temporary lock an account? They should block source IP, or implement longer time it takes for password verification like it is already when you try to guess password at login screen.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.