| AIOS-12-000400 - Apple iOS must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | ACCESS CONTROL |
| AIOS-12-000400 - Apple iOS must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | ACCESS CONTROL |
| AOSX-14-000020 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| APPL-14-000022 The macOS system must limit consecutive failed log on attempts to three. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-000060 The macOS system must set account lockout time to 15 minutes. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-15-000022 - The macOS system must limit consecutive failed login attempts to three. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
| APPL-15-000060 - The macOS system must set account lockout time to 15 minutes. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
| CISC-ND-000150 - The Cisco switch must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must disconnect the session. | DISA Cisco NX OS Switch NDM STIG v3r3 | Cisco | ACCESS CONTROL |
| CISC-ND-000150 - The Cisco switch must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | ACCESS CONTROL |
| CISC-ND-000150 - The Cisco switch must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes. | DISA Cisco IOS XE Switch NDM STIG v3r4 | Cisco | ACCESS CONTROL |
| ESXI-65-000005 - The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | ACCESS CONTROL |
| GOOG-09-000500 - The Google Android Pie must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 9.x v2r1 | MDM | ACCESS CONTROL |
| GOOG-09-000500 - The Google Android Pie must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 9.x v2r1 | MDM | ACCESS CONTROL |
| GOOG-10-000500 - Google Android 10 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 10.x v2r1 | MDM | ACCESS CONTROL |
| JUNI-ND-000150 - The Juniper router must be configured to enforce the limit of three consecutive invalid logon attempts after which time lock out the user account from accessing the device for 15 minutes. | DISA STIG Juniper Router NDM v3r2 | Juniper | ACCESS CONTROL |
| OL6-00-000061 - The system must disable accounts after three consecutive unsuccessful logon attempts - password-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000061 - The system must disable accounts after three consecutive unsuccessful logon attempts - system-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL08-00-020010 - OL 8 systems below version 8.2 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020011 - OL 8 systems, versions 8.2 and above, must automatically lock an account when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020012 - OL 8 systems below version 8.2 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020014 - OL 8 systems below version 8.2 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020015 - OL 8 systems, versions 8.2 and above, must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020016 - OL 8 systems below version 8.2 must ensure account lockouts persist. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020017 - OL 8 systems, versions 8.2 and above, must ensure account lockouts persist. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020018 - OL 8 systems below version 8.2 must prevent system messages from being presented when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020019 - OL 8 systems, versions 8.2 and above, must prevent system messages from being presented when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020020 - OL 8 systems below version 8.2 must log user name information when unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020021 - OL 8 systems, versions 8.2 and above, must log user name information when unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020022 - OL 8 systems below version 8.2 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020023 - OL 8 systems, versions 8.2 and above, must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020025 - OL 8 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020026 - OL 8 must configure the use of the pam_faillock.so module in the /etc/pam.d/password-auth file. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020027 - OL 8 systems, versions 8.2 and above, must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020028 - OL 8 systems below version 8.2 must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| PHTN-30-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| RHEL-06-000061 - The system must disable accounts after three consecutive unsuccessful logon attempts - 'system-auth [default=die]' | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000061 - The system must disable accounts after three consecutive unsuccessful logon attempts - 'system-auth required' | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-08-020027 - RHEL 8 systems, versions 8.2 and above, must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020028 - RHEL 8 systems below version 8.2 must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-09-411075 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411080 - RHEL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411085 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411090 - RHEL 9 must maintain an account lock until the locked account is released by an administrator. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| SLES-12-010130 - The SUSE operating system must lock an account after three consecutive invalid access attempts. | DISA SLES 12 STIG v3r2 | Unix | ACCESS CONTROL |
| SOL-11.1-040140 - The system must disable accounts after three consecutive unsuccessful login attempts. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL |
| SPLK-CL-000240 - Splunk Enterprise must enforce the limit of 3 consecutive invalid logon attempts by a user during a 15 minute time period. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | ACCESS CONTROL |
| UBTU-20-010072 - The Ubuntu operating system must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | ACCESS CONTROL |
| UBTU-24-200610 - Ubuntu 24.04 LTS must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | ACCESS CONTROL |
| WN10-AC-000010 - The number of allowed bad logon attempts must be configured to 3 or less. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL |
| WN16-AC-000020 - Windows Server 2016 must have the number of allowed bad logon attempts configured to three or less. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL |
