New Microsoft Windows 11 security tool will frustrate password hackers - New Delhi News

New Delhi, Sep 23 (IANS) Microsoft has unveiled a new security feature in Windows 11 that will make it extremely diffficult for hackers to steal user credentials.

by IANS | Updated Sep 23, 2022

New Microsoft Windows 11 security tool will frustrate password hackers - New Delhi News

Called the SMB authentication rate limiter, it is available in Windows 11 Insider and Windows Server Insider builds and makes it more time-consuming for cyber criminals to target the server with password-guessing attacks.

"If your organisation has no intrusion detection software or doesn't set a password lockout policy, an attacker might guess a user's password in a matter of days or hours. A consumer user who turns off their firewall and brings their device to an unsafe network has a similar problem," said Microsoft security expert Ned Pyle.

The company said that the SMB server service now defaults to a two-second default between each failed inbound New Technology LAN Manager (NTLM) authentication.

SMB refers to the Server Message Block (SMB) network file-sharing protocol, while Windows NTLM is a suite of security protocols offered by Microsoft to authenticate users' identity and protect the integrity and confidentiality of their activity.

"This means if an attacker previously sent 300 brute force attempts per second from a client for 5 minutes (90,000 passwords), the same number of attempts would now take 50 hours at a minimum. The goal here is to make a machine a very unattractive target for attacking local credentials through SMB," informed Pyle.

SMB refers to the Server Message Block (SMB) network file-sharing protocol. Windows and Windows Server come with the SMB server enabled. NTLM refers to the NT Lan Manager (NTLM) protocol for client-sever authentication with, for example, Active Directory (AD) NTLM logons.

Microsoft is rolling out several secure defaults in Windows 11, including a default account lockout policy to mitigate RDP and other brute force password attacks.

Disclaimer: This story is auto-aggregated by a computer program and has not been created or edited by FreshersLIVE.Publisher : IANS-Media

Related Articles

  • Pfizer CEO tests positive for Covid again
  • Refurbished 13-inch MacBook Pro with M2 now available for sale
  • Samsung sells over 1.2 mn Galaxy devices worth Rs 1,000 cr in 24 hours
  • Samsung working on dual under-display camera tech for facial recognition
  • Fitbit users may need Google accounts to login in 2023
  • Mozilla challenges anti-market practices of Google, Apple, Microsoft
  • Every fifth person in UP is overweight
  • Google likely not to change Pixel 7 series prices
  • Metal dust, stone-cutting in Aravallis drives chronic lung disease up in Faridabad
  • PM Modi set to gift 5G services to Indians on Oct 1 (Lead)