MADRID, 22 Sep. (Portaltic/EP) –
Microsoft has implemented a new feature in Windows 11 that will be enabled by default to combat brute force cyber attacks that try to access user accounts by trying a large number of passwords in a short period of time.
Build Preview 25206, available within the Insider Program on the Developer Channel, introduces a additional protection mechanism for passwords, both for business environments and for personal user equipment.
The novelty is known as ‘SMB authentication rate limiter’ (SMB authentication rate limiter) and acts on occasions when the computer is receiving a brute force attack, which tries many combinations of passwords in a very short time to try to find the correct one. that the user has used.
What this protection does is set a time delay, 2 seconds, between attempts when it detects that an incorrect username or password has been entered.
“This means that if an attacker previously sent 300 brute force attempts per second from a client for 5 minutes (90,000 passwords), the same number of attempts would now take at least 50 hours,” explains Microsoft Security Expert Ned Pyle, in a publication in the foro TechCommunity.
The goal is for the computer to become a “very unappealing target to attack credentials local via SMB”, he adds. For this reason, the company has decided to activate it by default.