| 1.46 WN10-AC-000010 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | ACCESS CONTROL |
| 1.50 WN22-AC-000030 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.290 RHEL-09-412045 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.316 RHEL-09-611035 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 4.002 - Number of allowed bad-logon attempts does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| AIOS-01-080005 - Apple iOS must not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL |
| AIOS-01-080005 - Apple iOS must not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL |
| AIOS-17-006900 - Apple iOS/iPadOS 17 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL |
| AZLX-23-002620 - Amazon Linux 2023 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| ESXi: esxi-8.account-lockout | VMware vSphere Security Configuration and Hardening Guide | VMware | ACCESS CONTROL |
| F5BI-DM-300013 - The F5 BIG-IP appliance must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must block any login attempt for at least 15 minutes. | DISA F5 BIG-IP TMOS NDM STIG v1r2 | F5 | ACCESS CONTROL |
| FGFW-ND-000045 - The FortiGate device must enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | ACCESS CONTROL |
| GOOG-12-006400 - Google Android 12 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-13-006400 - Google Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 13 COPE STIG v2r3 | MDM | ACCESS CONTROL |
| GOOG-14-006400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 14 COBO STIG v2r3 | MDM | ACCESS CONTROL |
| GOOG-14-006400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 14 COPE STIG v2r3 | MDM | ACCESS CONTROL |
| GOOG-14-006400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 14 COPE STIG v2r3 | MDM | ACCESS CONTROL |
| GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 15 COBO STIG v1r3 | MDM | ACCESS CONTROL |
| GOOG-16-006400 - Google Android 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 16 COPE STIG v1r1 | MDM | ACCESS CONTROL |
| GOOG-16-006400 - Google Android 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 16 COPE STIG v1r1 | MDM | ACCESS CONTROL |
| GOOG-16-006400 - Google Android 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 16 COBO STIG v1r1 | MDM | ACCESS CONTROL |
| HONW-09-000500 - The Honeywell Mobility Edge Android Pie device must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Honeywell Android 9.x COBO v1r2 | MDM | ACCESS CONTROL |
| HONW-13-006400 - Honeywell Android 13 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Honeywell Android 13 COBO STIG v1r1 | MDM | ACCESS CONTROL |
| JUEX-NM-000080 - The Juniper EX switch must be configured to enforce the limit of three consecutive invalid logon attempts for any given user, after which time it must block any login attempt for that user for 15 minutes. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | ACCESS CONTROL |
| KNOX-07-000600 - The Samsung Android 7 with Knox must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | ACCESS CONTROL |
| MOTO-09-000500 - The Motorola Android Pie must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | ACCESS CONTROL |
| MOTO-09-000500 - The Motorola Android Pie must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | ACCESS CONTROL |
| MSFT-11-000500 - Microsoft Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | ACCESS CONTROL |
| MSFT-11-000500 - Microsoft Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Microsoft Android 11 COBO v1r2 | MDM | ACCESS CONTROL |
| OL09-00-003012 - OL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/password-auth file. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| PHTN-40-000192 - The Photon operating system must be configured to use the pam_faillock.so module. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000193 - The Photon operating system must prevent leaking information of the existence of a user account. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020013 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020015 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020016 - RHEL 8 must ensure account lockouts persist. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020019 - RHEL 8 must prevent system messages from being presented when three unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-020025 - RHEL 8 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-09-411105 - RHEL 9 must ensure account lockouts persist. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-412045 - RHEL 9 must log username information when unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-431020 - RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-611030 - RHEL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-10-500020 - RHEL 10 must log username information when unsuccessful login attempts occur. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| vCenter: vcenter-8.administration-sso-lockout-policy-max-attempts | VMware vSphere Security Configuration and Hardening Guide | VMware | ACCESS CONTROL |
| WN22-AC-000030 - Windows Server 2022 must have the period of time before the bad logon counter is reset configured to 15 minutes or greater. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| ZEBR-11-000500 - Zebra Android 11 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Zebra Android 11 COBO STIG v1r4 | MDM | ACCESS CONTROL |
