Microsoft has added a new feature to Windows 11 that will be turned on by default in order to counter brute force cyberattacks, which attempt a huge number of passwords quickly in order to get access to user accounts.
The new password protection mechanism is introduced in Build Preview 25206, which is available through the Insider Program on the Developer Channel. It is meant to safeguard passwords in both professional and home environments.
The new feature is called the “SMB authentication rate limiter”, and it comes into play when the computer is subjected to a brute force attack, which rapidly tries a large number of password combinations to find the right one.
When this protection notices that an invalid login or password has been entered, it sets a time delay of 2 seconds between attempts.
According to Microsoft Security Expert Ned Pyle in a post on the TechCommunity site, this means that if an attacker previously submitted 300 brute force attempts per second from a client for 5 minutes (90,000 passwords), the same number of attempts would now take at least 50 hours.
The objective, he continues, is to make the computer an “extremely unpleasant target to attack local credentials via SMB.” The company has chosen to enable it by default as a result.
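The delay described above can be modelled in a few lines. This is an added illustration, not Microsoft's implementation: the per-client bookkeeping, the class and function names, and the client labels are assumptions, and time is simulated rather than slept.

```python
from dataclasses import dataclass, field


@dataclass
class AuthRateLimiter:
    """Simplified model: a failed logon is answered delay_s seconds late, and
    the same client's next attempt is not processed before that answer."""
    delay_s: float = 2.0                             # 2-second delay from the article
    busy_until: dict = field(default_factory=dict)   # client -> time its last answer went out

    def attempt(self, client: str, arrival: float, ok: bool) -> float:
        """Return the simulated time at which the client receives the result."""
        start = max(arrival, self.busy_until.get(client, 0.0))
        done = start if ok else start + self.delay_s
        self.busy_until[client] = done
        return done


def replay_failures(limiter, client, count, rate_per_s):
    """Send `count` invalid logons at `rate_per_s`; return when the last one is answered."""
    done = 0.0
    for i in range(count):
        done = limiter.attempt(client, i / rate_per_s, ok=False)
    return done


def article_scenario():
    """300 attempts per second for 5 minutes, with the limiter off and on."""
    burst = 300 * 5 * 60
    seconds_off = replay_failures(AuthRateLimiter(delay_s=0.0), "client-a", burst, 300)
    seconds_on = replay_failures(AuthRateLimiter(), "client-a", burst, 300)
    return burst, seconds_off, seconds_on / 3600     # last value is in hours


def mistyped_once():
    """A user who mistypes once and retries 5 seconds later is barely affected."""
    limiter = AuthRateLimiter()
    wrong = limiter.attempt("laptop", 0.0, ok=False)   # answered after the delay
    right = limiter.attempt("laptop", 5.0, ok=True)    # delay already elapsed
    return wrong, right


if __name__ == "__main__":
    burst, seconds_off, hours_on = article_scenario()
    print(f"{burst} attempts: {seconds_off:.0f} s without the delay, {hours_on:.0f} h with it")
    print("one typo, then correct password:", mistyped_once())
```

The model shows why the default is cheap for legitimate users: a single mistyped password costs one delay, while the cost to a bulk guesser grows linearly with the number of attempts.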