| 1.1.1.1 Set 'Account lockout threshold' to '5 invalid logon attempt(s)' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.2.3 Ensure 'Reset account lockout counter after' is set to '15 or more minute(s)' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 1.2.6 - /etc/security/user - 'loginretries <= 3' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.002 - Number of allowed bad-logon attempts does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 4.34 init.ora - 'sec_max_failed_login_attempts = 3' | CIS v1.1.0 Oracle 11g OS L1 | Unix | ACCESS CONTROL |
| 4.34 init.ora - 'sec_max_failed_login_attempts = 3' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | ACCESS CONTROL |
| 7.12 Limit number of failed login attempts | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| Account lockout duration | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Account lockout duration | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| AIOS-01-080005 - Apple iOS must not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL |
| AIOS-01-080005 - Apple iOS must not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL |
| AIOS-16-006900 - Apple iOS/iPadOS 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-006900 - Apple iOS/iPadOS 17 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| ALMA-09-007500 - AlmaLinux OS 9 must automatically lock an account when three unsuccessful logon attempts occur. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-007720 - AlmaLinux OS 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ARST-ND-000120 - The Arista network device must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must block any login attempt for 15 minutes. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | ACCESS CONTROL |
| ESXI-70-000005 - The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | ACCESS CONTROL |
| ESXi: esxi-8.account-lockout | VMware vSphere Security Configuration and Hardening Guide | VMware | ACCESS CONTROL |
| FGFW-ND-000045 - The FortiGate device must enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | ACCESS CONTROL |
| GOOG-12-006400 - Google Android 12 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-12-006400 - Google Android 12 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-14-006400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 14 COBO v2r2 | MDM | ACCESS CONTROL |
| GOOG-14-006400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-14-706400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 14 BYOAD v1r1 | MDM | ACCESS CONTROL |
| GOOG-14-706400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 14 BYOAD v1r1 | MDM | ACCESS CONTROL |
| GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | ACCESS CONTROL |
| HONW-09-000500 - The Honeywell Mobility Edge Android Pie device must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | ACCESS CONTROL |
| HONW-09-000500 - The Honeywell Mobility Edge Android Pie device must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | ACCESS CONTROL |
| Huawei: SSH Max Retries <= 3 | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Interactive logon: Machine account lockout threshold | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Interactive logon: Machine account lockout threshold | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| KNOX-07-000600 - The Samsung Android 7 with Knox must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | ACCESS CONTROL |
| KNOX-07-000600 - The Samsung Android 7 with Knox must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | ACCESS CONTROL |
| MOTO-09-000500 - The Motorola Android Pie must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | ACCESS CONTROL |
| MSFT-11-000500 - Microsoft Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | ACCESS CONTROL |
| MSFT-11-000500 - Microsoft Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Microsoft Android 11 COBO v1r2 | MDM | ACCESS CONTROL |
| PHTN-40-000004 The Photon operating system must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| Reset account lockout counter after | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020021 - RHEL 8 must log user name information when unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-09-431020 - RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-611030 - RHEL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| vCenter: vcenter-8.administration-sso-lockout-policy-max-attempts | VMware vSphere Security Configuration and Hardening Guide | VMware | ACCESS CONTROL |
| ZEBR-10-000500 - Zebra Android 10 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | ACCESS CONTROL |
