The Ubuntu operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.

An XCCDF Rule

Description

Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.

ID: SV-238237r991588_rule
Version: UBTU-20-010075
Severity: Low
References: CCI-000366
Updated: 5 days ago

Remediation Templates

Configure the Ubuntu operating system to enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt. 
 
Edit the file "/etc/pam.d/common-auth" and set the parameter "pam_faildelay" to a value of  4000000 or greater: 
 
auth    required    pam_faildelay.so    delay=4000000