[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

111017

 
 

909

 
 

86402

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

Account lockout duration

ID: oval:org.secpod.oval:def:36555Date: (C)2016-08-05   (M)2018-07-10
Class: COMPLIANCEFamily: windows




This security setting determines the number of minutes a locked-out account remains locked out before automatically becoming unlocked. The available range is from 0 minutes through 99,999 minutes. If you set the account lockout duration to 0, the account will be locked out until an administrator explicitly unlocks it. If an account lockout threshold is defined, the account lockout duration must be greater than or equal to the reset time. Default: None, because this policy setting only has meaning when an Account lockout threshold is specified. Counter Measure: Configure the Account lockout duration setting to an appropriate value for your environment. To specify that the account will remain locked until an administrator manually unlocks it, configure the value to 0. When the Account lockout duration setting is configured to a non-zero value, automated attempts to guess account passwords must wait for this interval before they resume attempts against a specific account. Using this setting in combination with the Account lockout threshold setting makes automated password guessing attempts more difficult. Potential Impact: Although it may seem like a good idea to configure this policy setting to never automatically unlock an account, such a configuration can increase the number of requests that your organization's help desk receives to unlock accounts that were locked by mistake. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policy\Account lockout duration (2) REG: ### (3) WMI: root\rsop\computer#RSOP_SecuritySettingNumeric#Setting#KeyName='LockoutDuration' And precedence=1

Platform:
Microsoft Windows 10
Reference:
CCE-43748-3
CCE    1
CCE-43748-3
XCCDF    6
xccdf_org.secpod_benchmark_SecPod_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
...

© SecPod Technologies