Windows 11 is now an “unattractive target” for brute force attacks

Patrick Devaney


In cybersecurity terms, a brute force attack is when a scammer or malicious actor uses a software program to continuously input different password combinations until it finds the right one. It is called a brute force attack because it is literally knocking on the door until it finally breaks through. Microsoft has just rolled out an update for Windows 11 that includes a patch that will make it much more difficult for these types of attack to work on the operating system.

Windows 11 Download Now

Microsoft has recently pushed out the new Windows 11 2022 update and the Insider Preview Build available to more advanced test users of the operating system includes a series of updates and tweaks that make successful brute force attacks much more unlikely.

Windows 11 is now an “unattractive target” for brute force attacks

The change that will make the biggest difference relates to the amount of time required in between different login attempts. Forcing a delay in between login attempts like this, significantly increases the time needed for a computer program to force its way through the login page. In the Microsoft Tech Community blog post explain the new features coming with advanced build, Principal Program Manager, Ned Pyle explained:

“With the release of Windows 11 Insider Preview Build 25206 Dev Channel today, the SMB server service now defaults to a 2-second default between each failed inbound NTLM authentication. This means if an attacker previously sent 300 brute force attempts per second from a client for 5 minutes (90,000 passwords), the same number of attempts would now take 50 hours at a minimum. The goal here is to make a machine a very unattractive target for attacking local credentials through SMB.”

It is interesting to see Microsoft continue to innovate in novel ways like this to further ensure the safety of Windows 11 users. This is particularly timely too, considering how slippery the scammers themselves actually are. Also, with a new Android update about to force through security patches onto all devices, a lot of these scammers may soon start targeting operating systems like Windows 11.

You may also like