UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The network element must automatically lock out an account after the maximum number of unsuccessful attempts is exceeded and remain locked until released by an administrator.


Overview

Finding ID Version Rule ID IA Controls Severity
V-26800 SRG-NET-000040 SV-34050r1_rule Medium
Description
A malicious or unauthorized user could gain access to a network element by guessing or using methods such as dictionary attack, word list substitution, or brute force attack—all of which require multiple attempts. Locking out an account after a maximum number of unsuccessful attempts are exceeded will reduce the risk of unauthorized system access via password guessing.
STIG Date
Network Security Requirements Guide 2011-12-28

Details

Check Text ( None )
None
Fix Text (None)
None