Free DISA STIG and SRG Library | Vaulted

V-56595

The operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.

Finding ID: SRG-OS-000480-GPOS-00226
Rule ID: SV-70855r1_rule
Severity: Cat II
CCE: (None)
Group Title: SRG-OS-000480-GPOS-00226
CCI: CCI-000366
Target Key: (None)
Documentable: No

Discussion

Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.

Fix Text

Configure the operating system to enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.

Check Content

Verify the operating system enforces a delay of at least 4 seconds between logon prompts following a failed logon attempt. If it does not, this is a finding.