Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The network element must automatically lock out an account after the maximum number of unsuccessful attempts is exceeded and remain locked until released by an administrator.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-26800 | SRG-NET-000040 | SV-34050r1_rule | Medium |
| Description |
|---|
| A malicious or unauthorized user could gain access to a network element by guessing or using methods such as dictionary attack, word list substitution, or brute force attack—all of which require multiple attempts. Locking out an account after a maximum number of unsuccessful attempts are exceeded will reduce the risk of unauthorized system access via password guessing. |
| STIG | Date |
|---|---|
| Network Security Requirements Guide | 2011-12-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (None) |
|---|
| None |