The delay between login prompts following a failed login attempt must be at least 4 seconds.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-768 | GEN000480 | SV-38839r1_rule | ECLO-1 ECLO-2 | Medium |
| Description |
|---|
| Enforcing a delay between successive failed login attempts increases protection against automated password guessing attacks. |
| STIG | Date |
|---|---|
| AIX 6.1 Security Technical Implementation Guide | 2013-09-23 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-33091r1_fix) |
|---|
| Use vi or the chsec command to change the login delay time period. #chsec -f /etc/security/login.cfg -s default -a logindelay=4 OR # vi /etc/security/login.cfg Add logindelay = 4 to the default stanza. |