4.6 Ensure the maximum failed login attempts is set to 3

Information

Authentication should be configured so there is a maximum number of consecutive failed
login attempts for each account, at which point the account at risk will be locked out.

Rationale

Multiple login failures for the same account may indicate an attacker trying to guess the password by brute force.

Solution

To verify that the maximum number of failed login attempts is set properly, perform the following steps:

1. From the vSphere Web Client, select the host.
2. Click "Configure" -> "Settings" -> "System" -> "Advanced System Settings".
3. Enter "Security.AccountLockFailures" in the filter.
4. Verify that the value for this parameter is 3.

Alternatively, the following PowerCLI command may be used:

Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures
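
The PowerCLI check above, extended into a per-host pass/fail report. This is an added example, not part of the benchmark text. It assumes VMware PowerCLI is loaded and a Connect-VIServer session already exists; the variable names and report columns are illustrative.

```powershell
# Added example: audit Security.AccountLockFailures on every ESXi host
# visible in the current PowerCLI session (Connect-VIServer already run).
$Expected = 3   # value required by this check

$report = foreach ($vmhost in Get-VMHost) {
    $state = "$($vmhost.ConnectionState)"

    if ($state -notin 'Connected', 'Maintenance') {
        # Disconnected or unresponsive hosts cannot be queried; flag them
        # instead of silently treating them as compliant.
        $value  = $null
        $status = "SKIPPED ($state)"
    }
    else {
        $setting = Get-AdvancedSetting -Entity $vmhost `
                       -Name 'Security.AccountLockFailures' `
                       -ErrorAction SilentlyContinue

        if (-not $setting) {
            $value  = $null
            $status = 'SETTING NOT FOUND'
        }
        else {
            $value  = [int]$setting.Value
            $status = if ($value -eq $Expected) { 'PASS' } else { 'FAIL' }
        }
    }

    [pscustomobject]@{
        Host     = $vmhost.Name
        Value    = $value
        Expected = $Expected
        Status   = $status
    }
}

$report | Format-Table -AutoSize

# A non-zero exit code lets a scheduled job or pipeline treat any
# non-passing host as a finding.
$findings = @($report | Where-Object { $_.Status -ne 'PASS' })
if ($findings.Count -gt 0) { exit 1 }
```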

See Also

https://workbench.cisecurity.org/files/2168

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-2, CSCv7|16

Plugin: VMware

Control ID: fcddd631b8f76c2757640f806a6430db7c13a96cd4053b4b2c1c5d893239197e