The system must disable accounts after three consecutive unsuccessful login attempts.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-766 | GEN000460 | SV-35267r1_rule | ECLO-1 ECLO-2 | Medium |
| Description |
|---|
| Disabling accounts after a limited number of unsuccessful login attempts improves protection against password guessing attacks. |
| STIG | Date |
|---|---|
| HP-UX 11.23 Security Technical Implementation Guide | 2013-07-02 |
Details
| Check Text ( C-35099r1_chk ) |
|---|
| Check the t_maxtries setting. # more /tcb/files/auth/system/default Look for the value of the u_maxtries variable in the file. This will give you the maximum number of tries before the system will lock the account. If this value is 0 or greater than 3, this is a finding. |
| Fix Text (F-30368r1_fix) |
|---|
| The vendor change tool supplied with the OS is SAM. # sam Then: Auditing and Security -> System Security Policies -> Terminal Security Policies. Select and change: "Maximum Unsuccessful Login Tries Allowed". |