• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

This New Windows Feature Will Lockout Local Admin Accounts

Microsoft will allow organizations to lock out local admin accounts after several unsuccessful login attempts.

October 14, 2022 Zachary Comeau Leave a Comment

Windows 11, Windows 365 Boot, IT management, privacy, security,
diy13/stock.adobe.com

Microsoft is introducing a new feature in Windows that will lock out a local admin account after several attempted brute force attacks.

According to the Redmond, Wash. IT giant, Windows devices did not allow local admin accounts to be locked out despite brute force attacks being one of the top three ways that Windows devices are attacked. Without proper network segmentation or an intrusion detection service, local admin accounts could be subjected to unlimited brute force attacks.

That could be done using RDP over the network, and the time it takes to perform attacks against passwords is becoming trivial with modern computing power, the company says.

However, beginning with the Oct. 11 or later cumulative updates, Microsoft will allow organizations to enable a policy to lock out admin accounts.

The Windows admin account lockout policy can be found under Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policies. 

For existing machines, setting that value to “Enabled” on existing machines using a local or domain group policy object (GPO) will enable the lockout ability. Microsoft also recommends setting the other three policies under account lockout policies to 10/10/10.

“This means an account would be locked out after 10 failed attempts within 10 minutes and the lockout would last for 10 minutes, after which the account would be unlocked automatically,” reads a Microsoft support document.

For new machines on Windows 11 22h2 or any machines that include the Oct. 11 cumulative updates before initial setup, the Windows admin account lockout settings will be set by default at system setup, the company says.

“This occurs when the SAM database is first instantiated on a new machine,” the support document says. “So, if a new machine was set up and then had the October updates installed later, it will not be secure by default and will require the policy settings above.”

Admins who do not want the policies applied to a computer can set the local policy or create a group policy to “disabled.”

In another move to help prevent brute force attacks, the company is also enforcing password complexity on new machines if a local admin account is used. This too can be disabled in Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: IT management, Microsoft

Related Content:

  • data breach Nearly 900 Schools Impacted by National Student Clearinghouse…
  • Rearview shot of two young designers giving each other a fist bump in an office, on display is Crestron desk scheduling device Crestron Introduces Desk Q and Desk Touch Scheduling…
  • CI SSI cover Commercial Integrator and Security Sales & Integration Magazines…
  • cyber-attack-skull Spike in Cyberattacks Exposes Vulnerabilities in University Security…

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Download TechDecisions' Blueprint Series report on Security Awareness now!
Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared t...

Workplace Collaboration Tools for Corporate Spaces
Workplace Collaboration Tools for Corporate Spaces

From lobbies and shared spaces to conference rooms and multipurpose facilities, you need high-performing AV technology to effectively share informa...

ChatGPT, generative AI, enterprise, workplace
Blueprint Series: ChatGPT and Generative AI in the Workplace

This latest release of the TechDecisions Blueprint Series explores the new phenomenon of tools such as ChatGPT and how IT leaders should go about d...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Advertise with Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSDO NOT SELL MY PERSONAL INFORMATIONTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.