Using Account Lockout policies to block Windows Brute Force Attacks (Security News, July 2022)
A strong account lockout policy is one of the most effective tools for stopping brute force authentication attempts on Windows domains.
As an alternative, you can force an account lockout to remain in effect until an administrator unlocks the account by setting the account lockout duration value to 0.
The second group policy setting that is used as the basis of an account lockout policy is the Account Lockout Threshold setting.
Setting the Account Lockout Threshold to a value of five, for example, would mean that a user's account is locked out following five failed login attempts.
The third setting in an account lockout policy is the Reset Account Lockout Counter After setting.
Even though an account lockout policy can be configured to automatically unlock a user's account after a period of time, most organizations require an administrator to unlock accounts that have become locked.