| 1.290 RHEL-09-412045 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.301 RHEL-09-431020 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.315 RHEL-09-611030 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.316 RHEL-09-611035 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 4.002 - Number of allowed bad-logon attempts does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| AIOS-14-000400 - The mobile operating system must be configured to not allow more than ten consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL |
| AIOS-15-006900 - Apple iOS/iPadOS 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-16-706900 - Apple iOS/iPadOS 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-006900 - Apple iOS/iPadOS 17 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL |
| AIOS-18-006900 - Apple iOS/iPadOS 18 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | ACCESS CONTROL |
| ALMA-09-007500 - AlmaLinux OS 9 must automatically lock an account when three unsuccessful logon attempts occur. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | ACCESS CONTROL |
| ALMA-09-007940 - AlmaLinux OS 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/password-auth file. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | ACCESS CONTROL |
| ARST-ND-000120 - The Arista network device must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must block any login attempt for 15 minutes. | DISA STIG Arista MLS EOS 4.x NDM v2r2 | Arista | ACCESS CONTROL |
| ESXi: esxi-8.account-lockout | VMware vSphere Security Configuration and Hardening Guide | VMware | ACCESS CONTROL |
| EX19-ED-000019 - Exchange external Receive connectors must be domain secure-enabled. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GOOG-12-006400 - Google Android 12 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-13-006400 - Google Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 13 COBO v2r2 | MDM | ACCESS CONTROL |
| GOOG-13-706400 - Google Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 13 BYOD v1r2 | MDM | ACCESS CONTROL |
| GOOG-13-706400 - Google Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 13 BYOD v1r2 | MDM | ACCESS CONTROL |
| GOOG-14-006400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 14 COBO v2r2 | MDM | ACCESS CONTROL |
| GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
| HONW-09-000500 - The Honeywell Mobility Edge Android Pie device must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Honeywell Android 9.x COBO v1r2 | MDM | ACCESS CONTROL |
| HONW-13-006400 - Honeywell Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Honeywell Android 13 COBO v1r1 | MDM | ACCESS CONTROL |
| HONW-13-006400 - Honeywell Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | ACCESS CONTROL |
| MOTO-09-000500 - The Motorola Android Pie must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Motorola Android Pie.x COBO v1r2 | MDM | ACCESS CONTROL |
| MOTS-11-000500 - Motorola Solutions Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | AirWatch - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | ACCESS CONTROL |
| MSFT-11-000500 - Microsoft Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL |
| OL09-00-003010 - OL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| OL09-00-003022 - OL 9 must log username information when unsuccessful logon attempts occur. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| PHTN-40-000195 The Photon operating system must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000196 The Photon operating system must persist lockouts between system reboots. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-08-020017 - RHEL 8 must ensure account lockouts persist. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-08-020022 - RHEL 8 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411105 - RHEL 9 must ensure account lockouts persist. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-412045 - RHEL 9 must log username information when unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| SPLK-CL-000060 - Splunk Enterprise must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG OS | Unix | ACCESS CONTROL |
| SYMP-NM-000050 - Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period - Lockout duration | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
| SYMP-NM-000050 - Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period - max-failed-attempts | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
| SYMP-NM-000050 - Symantec ProxySG must be configured to enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period - Reset interval | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
| vCenter: vcenter-8.administration-sso-lockout-policy-max-attempts | VMware vSphere Security Configuration and Hardening Guide | VMware | ACCESS CONTROL |
| VCSA-80-000023 - The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | ACCESS CONTROL |
| WN11-AC-000015 - The period of time before the bad logon counter is reset must be configured to 15 minutes. | DISA Microsoft Windows 11 STIG v2r4 | Windows | ACCESS CONTROL |
| WN22-AC-000030 - Windows Server 2022 must have the period of time before the bad logon counter is reset configured to 15 minutes or greater. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | ACCESS CONTROL |
| ZEBR-10-000500 - Zebra Android 10 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | ACCESS CONTROL |
| ZEBR-10-000500 - Zebra Android 10 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | ACCESS CONTROL |
| ZEBR-11-000500 - Zebra Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Zebra Android 11 COBO v1r3 | MDM | ACCESS CONTROL |
| ZEBR-11-000500 - Zebra Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Zebra Android 11 COBO v1r3 | MDM | ACCESS CONTROL |
