UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network device must enforce the organizationally defined maximum number of consecutive invalid login attempts.


Overview

Finding ID Version Rule ID IA Controls Severity
SRG-NET-000038-NDM-000025 SRG-NET-000038-NDM-000025 SRG-NET-000038-NDM-000025_rule Medium
Description
The network device must limit the number of times an account may consecutively fail at login. By limiting the number of failed login attempts, the risk of unauthorized system access by password guessing (i.e., brute force attack) is reduced.
STIG Date
Network Device Management Security Requirements Guide 2013-07-30

Details

Check Text ( C-SRG-NET-000038-NDM-000025_chk )
Review the network device configuration for both the local and network connections to determine whether the setting for the maximum number of consecutive invalid login attempts is configured and enforced.

If the network device is not configured to enforce the organizationally defined limit of consecutive invalid login attempts, this is a finding.
Fix Text (F-SRG-NET-000038-NDM-000025_fix)
Configure the network device to enforce the organizationally defined maximum number of consecutive invalid login attempts.