
August 2022

Default Protection Against RDP 'Brute Force' Attacks in Windows 11

Microsoft is taking steps to prevent brute-force attacks against Remote Desktop Protocol (RDP) in the latest version of the Windows 11 operating system, in order to strengthen security against the evolving threat landscape.

"Windows 11 builds now have a default account lockout policy to reduce RDP and other Brute Force password vectors," Microsoft's security experts said. Brute-forcing passwords has been one of the most popular methods used in human-operated ransomware and other attacks to gain unauthorized access to computers running Windows.

The account lockout policy is also available on Windows 10 systems, but it is not active by default, which allows attackers to brute-force passwords on Windows systems through the Remote Desktop Protocol (RDP) service. With the improved account lockout policy in Windows 11, accounts are automatically locked for 10 minutes after 10 failed login attempts.
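To check whether a Windows 10 machine already enforces the values described above, the following added example (not Microsoft's code and not part of the original article) exports the local security policy and compares it with them. The counter-reset window of 10 minutes and the `-Apply` switch are assumptions of this example; the article does not state a reset window.

```powershell
# Added example: audit the local account lockout policy against the values
# this article gives for Windows 11. Run from an elevated PowerShell prompt.
param([switch]$Apply)   # hypothetical switch: also set the policy when it is weaker

$threshold = 10   # from the article: lock after 10 failed logons
$duration  = 10   # from the article: lock for 10 minutes
$window    = 10   # assumption: reset window in minutes, must not exceed $duration

function Get-LockoutPolicy {
    # Export the local security policy and read the lockout keys from [System Access].
    $inf = Join-Path $env:TEMP ("lockout-{0}.inf" -f [guid]::NewGuid())
    try {
        secedit /export /cfg $inf /areas SECURITYPOLICY /quiet | Out-Null
        # Duration and reset keys can be missing from the export when lockout is off.
        $policy = @{ LockoutBadCount = 0; LockoutDuration = $null; ResetLockoutCount = $null }
        foreach ($line in Get-Content -Path $inf) {
            if ($line -match '^\s*(LockoutBadCount|LockoutDuration|ResetLockoutCount)\s*=\s*(-?\d+)') {
                $policy[$Matches[1]] = [int]$Matches[2]
            }
        }
        return $policy
    } finally {
        Remove-Item -Path $inf -ErrorAction SilentlyContinue
    }
}

$p = Get-LockoutPolicy
$findings = @()
if ($p.LockoutBadCount -eq 0) {
    $findings += 'Account lockout is disabled (threshold 0): password guesses are unlimited.'
} elseif ($p.LockoutBadCount -gt $threshold) {
    $findings += "Threshold of $($p.LockoutBadCount) attempts is weaker than $threshold."
}
# A duration of -1 means "locked until an administrator unlocks", which is stricter.
if ($p.LockoutBadCount -ne 0 -and $p.LockoutDuration -ne -1 -and $p.LockoutDuration -lt $duration) {
    $findings += "Lockout duration of $($p.LockoutDuration) min is shorter than $duration min."
}

if ($findings.Count -eq 0) {
    Write-Output 'Lockout policy meets the 10 attempts / 10 minutes baseline.'
} else {
    $findings | ForEach-Object { Write-Warning $_ }
    if ($Apply) {
        net accounts "/lockoutthreshold:$threshold" "/lockoutduration:$duration" "/lockoutwindow:$window"
    }
}
```

On domain-joined machines, Group Policy may override values set locally this way.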

Precautions to take to protect against such attacks:

  • Advise your employees to set strong and unpredictable passwords.

  • Enable multi-factor authentication (MFA) on all possible business and personal accounts.

  • Use privileged access management (PAM) services that ensure passwords are changed and protected at regular intervals or at each use.

  • Use a security solution that can protect you from phishing scams and malware on all your devices.

  • Invest in user awareness training.
