AIX must enforce a delay of at least 4 seconds between login prompts following a failed login attempt.

An XCCDF Rule

Description

Limiting the number of login attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.

ID: SV-215337r991588_rule
Version: AIX7-00-003029
Severity: Medium
References: CCI-000366
Updated: 7 days ago

Remediation Templates

From the command prompt, run the following command to set "logindelay=4" for the default stanza in "/etc/security/login.cfg":
# chsec -f /etc/security/login.cfg -s default -a logindelay=4