| 4.002 - Number of allowed bad-logon attempts does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| AIOS-14-000400 - The mobile operating system must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL |
| AIOS-15-006900 - Apple iOS/iPadOS 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-006900 - Apple iOS/iPadOS 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-16-706900 - Apple iOS/iPadOS 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-16-706900 - Apple iOS/iPadOS 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-706900 - Apple iOS/iPadOS 17 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-18-006900 - Apple iOS/iPadOS 18 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
| AIOS-18-006900 - Apple iOS/iPadOS 18 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
| ALMA-09-007610 - AlmaLinux OS 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-007940 - AlmaLinux OS 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/password-auth file. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ESXI-67-000005 - The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | ACCESS CONTROL |
| ESXi: esxi-8.account-lockout | VMware vSphere Security Configuration and Hardening Guide | VMware | ACCESS CONTROL |
| EX19-ED-000019 - Exchange external Receive connectors must be domain secure-enabled. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | ACCESS CONTROL |
| GOOG-12-006400 - Google Android 12 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-12-006400 - Google Android 12 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-13-006400 - Google Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 13 COBO v2r2 | MDM | ACCESS CONTROL |
| GOOG-13-006400 - Google Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 13 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-13-706400 - Google Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 13 BYOD v1r2 | MDM | ACCESS CONTROL |
| GOOG-13-706400 - Google Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 13 BYOD v1r2 | MDM | ACCESS CONTROL |
| GOOG-14-006400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
| HONW-09-000500 - The Honeywell Mobility Edge Android Pie device must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Honeywell Android 9.x COBO v1r2 | MDM | ACCESS CONTROL |
| JUEX-NM-000080 - The Juniper EX switch must be configured to enforce the limit of three consecutive invalid logon attempts for any given user, after which time it must block any login attempt for that user for 15 minutes. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | ACCESS CONTROL |
| MOTO-09-000500 - The Motorola Android Pie must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | ACCESS CONTROL |
| MOTO-09-000500 - The Motorola Android Pie must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Motorola Android Pie.x COPE v1r2 | MDM | ACCESS CONTROL |
| MOTS-11-000500 - Motorola Solutions Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | ACCESS CONTROL |
| MSFT-11-000500 - Microsoft Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL |
| MSFT-11-000500 - Microsoft Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL |
| PHTN-40-000192 The Photon operating system must be configured to use the pam_faillock.so module. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000193 The Photon operating system must prevent leaking information of the existence of a user account. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000194 The Photon operating system must audit logon attempts for unknown users. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000195 The Photon operating system must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000196 The Photon operating system must persist lockouts between system reboots. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020023 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020025 - RHEL 8 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| SPLK-CL-000060 - Splunk Enterprise must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS | Unix | ACCESS CONTROL |
| vCenter: vcenter-8.administration-sso-lockout-policy-max-attempts | VMware vSphere Security Configuration and Hardening Guide | VMware | ACCESS CONTROL |
| VCSA-70-000023 - The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL |
| VCSA-80-000023 - The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | ACCESS CONTROL |
| WN11-AC-000010 - The number of allowed bad logon attempts must be configured to three or less. | DISA Microsoft Windows 11 STIG v2r3 | Windows | ACCESS CONTROL |
| WN22-AC-000020 - Windows Server 2022 must have the number of allowed bad logon attempts configured to three or less. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
| ZEBR-10-000500 - Zebra Android 10 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Zebra Android 10 COBO v1r2 | MDM | ACCESS CONTROL |
| ZEBR-11-000500 - Zebra Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Zebra Android 11 COBO v1r3 | MDM | ACCESS CONTROL |
| ZEBR-11-000500 - Zebra Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Zebra Android 11 COBO v1r3 | MDM | ACCESS CONTROL |
