UCF STIG Viewer Logo

In order to inform the user of the number of successful login attempts made with the users account, the application must notify the user of the number of successful logins/accesses occurring during an organization-defined time period.


Overview

Finding ID Version Rule ID IA Controls Severity
V-26883 SRG-APP-000077 SV-34163r1_rule Medium
Description
Users need to be aware of activity that occurs regarding their application account. Providing users with information regarding the number of successful attempts made to login to their account allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators. This requirement is intended to cover both traditional logons to information systems and general accesses to information systems occurring in other types of architectural configurations (e.g., service oriented architectures).
STIG Date
Application Security Requirements Guide 2011-12-28

Details

Check Text ( None )
None
Fix Text (None)
None