TOSS must enforce the limit of five consecutive invalid logon attempts by a user during a 15-minute time period.
An XCCDF Rule
Description
By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.
- ID
- SV-252946r958388_rule
- Version
- TOSS-04-020000
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the operating system to lock an account when three unsuccessful logon attempts occur in 15 minutes.
Add/Modify the "/etc/security/faillock.conf" file to match the following lines:
deny = 3
fail_interval = 900