Policy
Configure Brute-Force Protection aggressiveness
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, WindowsServer2016
Set the criteria for when Brute-Force Protection blocks IP addresses. Supported settings: *0 - Low: Block only when confidence level is 100% (Default) *1 - Medium: Use cloud aggregation and block when confidence level is above 99% *2 - High: Use cloud intel and context, and block when confidence level is above 90%
Internal name
Remediation_BNB_BFP_BruteForceProtection_Aggressiveness
Policy ID
b57fd4507dd6
Elements
1
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
Specify how aggressively Brute-Force Protection blocks threats ID Remediation_BNB_BFP_BruteForceProtection_Aggressiveness | enum | HKLM\Software\Policies\Microsoft\Windows Defender\Remediation\Behavioral Network Blocks\Brute Force Protection\BruteForceProtectionAggressiveness Type REG_DWORD | Options: Low (0), Medium (1), High (2) |
Other policies in this category
Explore related policies at the same level.
- ComputerConfigure Brute-Force Protection blocking timeAt least Windows Server 2016, Windows 10 Version 1607
- ComputerConfigure Remote Encryption Protection ModeAt least Windows Server 2016, Windows 10 Version 1607
- ComputerSet exclusions from Brute-Force ProtectionAt least Windows Server 2016, Windows 10 Version 1607