The maximum number of unsuccessful login attempts must be set to an organizationally defined value.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-NET-000039-IDPS-000060 | SRG-NET-000039-IDPS-000060 | SRG-NET-000039-IDPS-000060_rule | Medium |
| Description |
|---|
| By limiting the number of failed login attempts within a defined period of time, the risk of unauthorized system access via user password guessing can be mitigated. |
| STIG | Date |
|---|---|
| IDPS Security Requirements Guide (SRG) | 2012-03-08 |
Details
| Check Text ( C-43188_chk ) |
|---|
| View the configuration for both the GUI and the SSH. Verify the GUI and the SSH are configured to count the maximum number of unsuccessful SSH login attempts is set to an organizationally defined value. If the maximum number of unsuccessful login attempts is not set to an organizationally defined value, this is a finding. |
| Fix Text (F-43188_fix) |
|---|
| Configure the GUI and SSH, so the maximum number of unsuccessful login attempts are set to an organizationally defined value. |