With the release of Windows 11, Microsoft has introduced a new security feature that will make it very difficult for hackers to obtain user credentials.
The SMB authentication rate limitation, which is present in Windows 11 Insider and Windows Server Insider releases, increases the amount of time it takes for hackers to attempt to guess the server’s password.
Read Also :- Second-highest worldwide rate of cyberattacks on the Indian healthcare sector: report
“An attacker might quickly guess a user’s password if your company doesn’t employ intrusion detection software or hasn’t established a password lockout policy. Similar issues arise when a consumer user disables their firewall and connects their device to a risky network “Ned Pyle, a Microsoft security specialist, stated.
According to the firm, the SMB server service now allows two seconds to pass after each unsuccessful incoming New Technology LAN Manager (NTLM) authentication attempt.
While Windows NTLM is a collection of security protocols provided by Microsoft to verify users’ identities and safeguard the integrity and confidentiality of their activities, SMB refers to the Server Message Block (SMB) network file-sharing protocol.
“This implies that if an attacker had previously used a client to send 300 brute force tries per second for 5 minutes (90,000 passwords), it would now take at least 50 hours to make the same amount of attempts. Making a system an extremely unappealing target for SMB attacks using local credentials is the aim here “enlightened Pyle.
SMB stands for the network file-sharing protocol known as Server Message Block (SMB). The SMB server is pre-activated in Windows and Windows Server. When someone uses the term “NTLM,” they are referring to the NT Lan Manager (NTLM) protocol for client-server authentication, such as Active Directory (AD) NTLM logons.
With Windows 11, Microsoft is introducing a number of safe defaults, such as a lockout default account policy to counter RDP and other brute force password attempts.
