IBM Aspera Shares must lock accounts after three unsuccessful login attempts within a 15-minute timeframe.

An XCCDF Rule

Details
Profiles

Description

By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. Limits are imposed by locking the account.

ID: SV-252600r831511_rule
Version: ASP4-SH-060130
Severity: Medium
References: CCI-000044 CCI-002236 CCI-002238
Updated: 11 days ago

Remediation Templates

Configure IBM Aspera Shares to lock accounts after three unsuccessful login attempts within a 15-minute timeframe: 

- Log in to the IBM Aspera Shares web page as a user with administrative privilege. 
- Select the "Admin" tab.
- Scroll down to the "Security" section.
- Select the "User Security" option.- Edit the "Failed login count" option to "3" or less.
- Edit the "Failed login interval" option to "15" minutes or less.
- Select "Save" at the bottom of the page.

IBM Aspera Shares must lock accounts after three unsuccessful login attempts within a 15-minute timeframe.

Description

Remediation Templates

A Manual Procedure