Skip to content

AIX must enforce a delay of at least 4 seconds between login prompts following a failed login attempt.

An XCCDF Rule

Description

<VulnDiscussion>Limiting the number of login attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-215337r508663_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

From the command prompt, run the following command to set "logindelay=4" for the default stanza in "/etc/security/login.cfg":
# chsec -f /etc/security/login.cfg -s default -a logindelay=4