
All Windows versions can now block admin brute-force attacks


kleinmat4103
Popular Voice

By Sergiu Gatlan October 11, 2022

 

Microsoft announced today that IT admins can now configure any Windows system still receiving security updates to automatically block brute force attacks targeting local administrator accounts via a group policy.

Microsoft added this policy as they say Windows does not currently apply Account Lockout policies to "local administrators," allowing threat actors to repeatedly brute force passwords for these accounts.

 

<<< Full Article Here >>>

3 replies

Jamesharris85
New Voice

I actually didn't realise this wasn't a feature before. Seems like an obvious one and certainly a welcome feature. 


kleinmat4103
Popular Voice
  • Author
  • October 13, 2022

Yeah! Me too. But now that I think it through, the lockout policies only apply to domain logins. We have a service that alerts on multiple failed login attempts, but hadn’t thought through a lockout policy. Glad to see Microsoft improving in this space.


Jamesharris85
New Voice

I'll just use a password reset boot disk instead 😀

