Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.1.1 Set 'Account lockout threshold' to '5 invalid logon attempt(s)'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.1.1.2 Set 'Account lockout duration' to '15 or more minute(s)'CIS Windows 8 L1 v1.0.0Windows

ACCESS CONTROL

1.2.2 Ensure 'Account lockout threshold' is set to '10 or fewer invalid logon attempt(s), but not 0'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)'CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0Windows

ACCESS CONTROL

2.20 Set 'Number of attempts allowed' to '10'CIS Microsoft Exchange Server 2016 CAS v1.0.0Windows

ACCESS CONTROL

4.4.1.2 Ensure latest version of authselect is installedCIS AlmaLinux OS 8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.4.1.2 Ensure latest version of authselect is installedCIS Red Hat EL8 Server L1 v3.0.0Unix

ACCESS CONTROL

4.4.1.2 Ensure latest version of authselect is installedCIS Red Hat EL8 Workstation L1 v3.0.0Unix

ACCESS CONTROL

4.4.2.1.1 Ensure pam_faillock module is enabledCIS Red Hat Enterprise Linux 7 v4.0.0 L1 WorkstationUnix

ACCESS CONTROL

5.2.1 Configure account lockout thresholdCIS Apple OSX 10.11 El Capitan L1 v1.1.0Unix

ACCESS CONTROL

5.2.5 Ensure SSH MaxAuthTries is set to 4 or lessCIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0Unix

ACCESS CONTROL

5.3.1 Ensure password creation requirements are configured - 'retry=3'CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0Unix

ACCESS CONTROL

5.3.2 Ensure lockout for failed password attempts is configured - password-auth 'auth [success=1 default=bad] pam_unix.so'CIS Amazon Linux v2.1.0 L1Unix

ACCESS CONTROL

5.3.7 Ensure lockout for unsuccessful root logon attempts - password-auth defaultCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

5.3.7 Ensure lockout for unsuccessful root logon attempts - system-auth requiredCIS Amazon Linux 2 STIG v1.0.0 L3Unix

ACCESS CONTROL

6.1.4 Set SSH MaxAuth Tries to 3 - Check if MaxAuthTries is set to 3 or lower and not commented for the server.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.4 Limit Consecutive Login Attempts for SSH - MaxAuthTries = 6CIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.10 Set Delay between Failed Login Attempts to 4 - SLEEPTIME = 4CIS Solaris 11.1 L1 v1.0.0Unix

ACCESS CONTROL

6.10 Set Delay between Failed Login Attempts to 4 - SLEEPTIME = 4CIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

6.11 Set Retry Limit for Account Lockout - Check if 'RETRIES' in /etc/default/login is set to 3.CIS Solaris 10 L1 v5.2Unix

ACCESS CONTROL

6.15 Set Retry Limit for Account Lockout - LOCK_AFTER_RETRIES = yesCIS Solaris 11.2 L1 v1.1.0Unix

ACCESS CONTROL

6.15 Set Retry Limit for Account Lockout - LOCK_AFTER_RETRIES = yesCIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

6.15 Set Retry Limit for Account Lockout - RETRIES = 3CIS Solaris 11 L1 v1.1.0Unix

ACCESS CONTROL

Account lockout durationMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Account lockout durationMSCT MSCT Windows Server 2022 DC v1.0.0Windows

ACCESS CONTROL

Account lockout durationMSCT Windows 10 v1507 v1.0.0Windows

ACCESS CONTROL

Account lockout durationMSCT Windows Server 1903 MS v1.19.9Windows

ACCESS CONTROL

Account lockout durationMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Account lockout durationMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Account lockout thresholdMSCT Windows Server 2012 R2 DC v1.0.0Windows

ACCESS CONTROL

Ensure SSH MaxAuthTries is set to 4 or lessTenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

ESXi : set-account-lockoutVMWare vSphere 6.5 Hardening GuideVMware

ACCESS CONTROL

Extreme : Password Policy - lockout-on-login-failuresTNS Extreme ExtremeXOS Best Practice AuditExtreme_ExtremeXOS

ACCESS CONTROL

FireEye - AAA lockouts delay further attempts for at least 30 secondsTNS FireEyeFireEye

ACCESS CONTROL

IBM i : Maximum Sign-On Attempts (QMAXSIGN) - '<=3'IBM System i Security Reference for V7R2AS/400

ACCESS CONTROL

Interactive logon: Machine account lockout thresholdMSCT Windows 11 v24H2 v1.0.0Windows

ACCESS CONTROL

Interactive logon: Machine account lockout thresholdMSCT Windows 10 1903 v1.19.9Windows

ACCESS CONTROL

Lockout for failed password attempts - 'auth sufficient pam_unix.so'Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Lockout for failed password attempts - password-auth 'auth sufficient pam_faillock.so authsucc audit deny=5 unlock_time=900'Tenable Cisco Firepower Management Center OS Best Practices AuditUnix

ACCESS CONTROL

Reset account lockout counter afterMSCT Windows 10 v21H1 v1.0.0Windows

ACCESS CONTROL

Reset account lockout counter afterMSCT Windows 11 v1.0.0Windows

ACCESS CONTROL

Reset account lockout counter afterMSCT Windows 11 v23H2 v1.0.0Windows

ACCESS CONTROL

Reset account lockout counter afterMSCT Windows 10 1909 v1.0.0Windows

ACCESS CONTROL

Reset account lockout counter afterMSCT Windows Server v2004 MS v1.0.0Windows

ACCESS CONTROL

Reset account lockout counter afterMSCT Windows Server 2019 DC v1.0.0Windows

ACCESS CONTROL

Reset account lockout counter afterMSCT Windows Server 2019 MS v1.0.0Windows

ACCESS CONTROL

Reset account lockout counter afterMSCT Windows Server v20H2 DC v1.0.0Windows

ACCESS CONTROL

Reset lockout counter afterMSCT Windows Server 2016 MS v1.0.0Windows

ACCESS CONTROL

Salesforce.com : Setting Password Policies - 'invalid login attempts <= 5'TNS Salesforce Best Practices Audit v1.2.0Salesforce.com

ACCESS CONTROL

User Authentication Security - Configure login security options to hinder password guessing attacks - minimum-timeJuniper Hardening JunOS 12 Devices ChecklistJuniper

ACCESS CONTROL