UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The delay between login prompts following a failed login attempt must be at least 4 seconds.


Overview

Finding ID Version Rule ID IA Controls Severity
V-768 GEN000480 SV-768r2_rule ECLO-1 ECLO-2 Medium
Description
Enforcing a delay between successive failed login attempts increases protection against automated password guessing attacks.
STIG Date
UNIX SRG 2013-03-26

Details

Check Text ( C-28005r1_chk )
Attempt to log on to the system with an invalid user account name and an incorrect password. If the system does not pause for at least 4 seconds before displaying another logon prompt, this is a finding.
Fix Text (F-24359r1_fix)
Configure the system to delay at least 4 seconds between login prompts following a failed login attempt.