SRG-OS-000329-GPOS-00128 Controls

STIG ID Version Title Product
ALMA-09-008160 V1R1 AlmaLinux OS 9 must maintain an account lock until the locked account is manually released by an administrator; and not automatically after a set time.
ALMA-09-008270 V1R1 AlmaLinux OS 9 must ensure account locks persist across reboots.
ALMA-09-008380 V1R1 AlmaLinux OS 9 must configure the appropriate SELinux context on the nondefault faillock tally directory.
OL07-00-010330 V3R1 The Oracle Linux operating system must lock the associated account after three unsuccessful root logon attempts are made within a 15-minute period.
RHEL-07-010320 V3R9 The Red Hat Enterprise Linux operating system must be configured to lock accounts for a minimum of 15 minutes after three unsuccessful logon attempts within a 15-minute timeframe.
RHEL-07-010330 V3R9 The Red Hat Enterprise Linux operating system must lock the associated account after three unsuccessful root logon attempts are made within a 15-minute period.
RHEL-09-411075 V2R2 RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur.
RHEL-09-411080 V2R2 RHEL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period.
RHEL-09-411085 V2R2 RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period.
RHEL-09-411090 V2R2 RHEL 9 must maintain an account lock until the locked account is released by an administrator.
UBTU-20-010072 V2R1 The Ubuntu operating system must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made.
WN10-AC-000005 V3R2 Windows 10 account lockout duration must be configured to 15 minutes or greater.
WN11-AC-000005 V2R2 Windows 11 account lockout duration must be configured to 15 minutes or greater.
WN16-AC-000010 V2R9 Windows 2016 account lockout duration must be configured to 15 minutes or greater.
WN19-AC-000010 V3R2 Windows Server 2019 account lockout duration must be configured to 15 minutes or greater.
WN22-AC-000010 V2R2 Windows Server 2022 account lockout duration must be configured to 15 minutes or greater.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.