UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The system must disable accounts after three consecutive unsuccessful login attempts.


Overview

Finding ID Version Rule ID IA Controls Severity
V-766 GEN000460 SV-39815r1_rule ECLO-1 ECLO-2 Medium
Description
Disabling accounts after a limited number of unsuccessful login attempts improves protection against password guessing attacks.
STIG Date
Solaris 10 X86 Security Technical Implementation Guide 2014-06-27

Details

Check Text ( None )
None
Fix Text (F-33972r1_fix)
Set RETRIES to 3 in the /etc/default/login file.
#vi /etc/default/login

Set LOCK_AFTER_RETRIES to YES in the /etc/security/policy.conf file.
#vi /etc/security/policy.conf