• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

This New Windows Feature Will Lockout Local Admin Accounts

Microsoft will allow organizations to lock out local admin accounts after several unsuccessful login attempts.

October 14, 2022 Zachary Comeau Leave a Comment

Windows 11, Arm, Mac
diy13/stock.adobe.com

Microsoft is introducing a new feature in Windows that will lock out a local admin account after several attempted brute force attacks.

According to the Redmond, Wash. IT giant, Windows devices did not allow local admin accounts to be locked out despite brute force attacks being one of the top three ways that Windows devices are attacked. Without proper network segmentation or an intrusion detection service, local admin accounts could be subjected to unlimited brute force attacks.

That could be done using RDP over the network, and the time it takes to perform attacks against passwords is becoming trivial with modern computing power, the company says.

However, beginning with the Oct. 11 or later cumulative updates, Microsoft will allow organizations to enable a policy to lock out admin accounts.

The Windows admin account lockout policy can be found under Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policies. 

For existing machines, setting that value to “Enabled” on existing machines using a local or domain group policy object (GPO) will enable the lockout ability. Microsoft also recommends setting the other three policies under account lockout policies to 10/10/10.

“This means an account would be locked out after 10 failed attempts within 10 minutes and the lockout would last for 10 minutes, after which the account would be unlocked automatically,” reads a Microsoft support document.

For new machines on Windows 11 22h2 or any machines that include the Oct. 11 cumulative updates before initial setup, the Windows admin account lockout settings will be set by default at system setup, the company says.

“This occurs when the SAM database is first instantiated on a new machine,” the support document says. “So, if a new machine was set up and then had the October updates installed later, it will not be secure by default and will require the policy settings above.”

Admins who do not want the policies applied to a computer can set the local policy or create a group policy to “disabled.”

In another move to help prevent brute force attacks, the company is also enforcing password complexity on new machines if a local admin account is used. This too can be disabled in Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy.

Tagged With: IT management, Microsoft

Related Content:

  • Businessman meeting and training character vector design, corporate LMS training The Big-Picture Benefits of A Corporate LMS Investment
  • behind the scenes at Independent Television News (ITN) with AWS Production Studio Advances Live Cloud-Based Content & Delivery…
  • Microsoft Defender for IoT Microsoft Launches Defender for IoT Cloud-Managed Platform
  • Microsoft Nuance DAX Microsoft Brings GPT-4 to Healthcare Documentation Tech

Free downloadable guide you may like:

  • Four IT Trends That Will Define 2023Expert Series: Four IT Trends That Will Define 2023

    Learn about four key technologies we identified as critical to your IT organization’s success in 2023, as well as how to invest in new innovations emerging from each.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Four IT Trends That Will Define 2023
Expert Series: Four IT Trends That Will Define 2023

Learn about four key technologies we identified as critical to your IT organization’s success in 2023, as well as how to invest in new innovations ...

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.