UCF STIG Viewer Logo

Time before bad-logon counter is reset does not meet minimum requirements.


Overview

Finding ID Version Rule ID IA Controls Severity
V-1098 4.003 SV-29639r1_rule ECLO-1 ECLO-2 Medium
Description
This parameter specifies the amount of time that must pass between two successive login attempts to ensure that a lockout will occur. The smaller this value is, the less effective the account lockout feature will be in protecting the local system.
STIG Date
Win2k8 Audit 2013-06-10

Details

Check Text ( None )
None
Fix Text (F-6570r1_fix)
Configure the system to have the lockout counter reset itself after a minimum of 60 minutes.