| 1.47 WN10-AC-000015 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | ACCESS CONTROL |
| 1.48 WN22-AC-000010 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.48 WN22-AC-000010 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 4.003 - Time before bad-logon counter is reset does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 5.4.13 Ensure lockout for unsuccessful root logon attempts | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| ALMA-09-008160 - AlmaLinux OS 9 must maintain an account lock until the locked account is manually released by an administrator; and not automatically after a set time. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL |
| ALMA-09-008270 - AlmaLinux OS 9 must ensure account locks persist across reboots. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL |
| ALMA-09-008380 - AlmaLinux OS 9 must configure the appropriate SELinux context on the nondefault faillock tally directory. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - maxFailedAttempts | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - maxFailedAttempts | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - minutesUntilFailedLoginReset | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - minutesUntilFailedLoginReset | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-12-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL |
| APPL-13-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked. | DISA STIG Apple macOS 13 v1r5 | Unix | ACCESS CONTROL |
| AZLX-23-002455 - Amazon Linux 2023 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| AZLX-23-002460 - Amazon Linux 2023 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| AZLX-23-002465 - Amazon Linux 2023 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts in 15 minutes occur. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| AZLX-23-002470 - Amazon Linux 2023 must maintain an account lock until the locked account is released by an administrator. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| Big Sur - Set Account Lockout Time to 15 Minutes | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Set Account Lockout Time to 15 Minutes | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| Catalina - Set Account Lockout Time to 15 Minutes | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Set Account Lockout Time to 15 Minutes | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| ESXI-06-000006 - The system must enforce the unlock timeout of 15 minutes after a user account is locked out. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | ACCESS CONTROL |
| ESXI-67-000006 - The ESXi host must enforce the unlock timeout of 15 minutes after a user account is locked out. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | ACCESS CONTROL |
| ESXI-70-000006 - The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | ACCESS CONTROL |
| ESXI-80-000111 - The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | ACCESS CONTROL |
| ESXI-80-000111 - The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds - '/etc/pam.d/system-auth-local' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds - '/etc/pam.d/system-auth-local' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| PHTN-40-000108 - The Photon operating system must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts in 15 minutes occur. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-10-600200 - RHEL 10 must enforce a delay of at least four seconds between login prompts following a failed login attempt. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| SPLK-CL-000070 - Splunk Enterprise must automatically lock the account until the locked account is released by an administrator when three unsuccessful login attempts in 15 minutes are exceeded. | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG OS | Unix | ACCESS CONTROL |
| VCSA-70-000145 - The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL |
| VCSA-70-000266 - The vCenter Server must require an administrator to unlock an account locked due to excessive login failures. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL |
| VCSA-80-000145 - The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | ACCESS CONTROL |
| VCSA-80-000266 - The vCenter Server must require an administrator to unlock an account locked due to excessive login failures. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | ACCESS CONTROL |
| VCTR-67-000045 - The vCenter Server must limit the maximum number of failed login attempts to three. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | ACCESS CONTROL |
| VCTR-67-000046 - The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | ACCESS CONTROL |
| VCTR-67-000047 - The vCenter Server must require an administrator to unlock an account locked due to excessive login failures. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | ACCESS CONTROL |
| VCWN-06-000045 - The system must limit the maximum number of failed login attempts to three. | DISA VMware vSphere vCenter Server Version 6 STIG v1r4 | VMware | ACCESS CONTROL |
| VCWN-06-000046 - The system must set the interval for counting failed login attempts to at least 15 minutes. | DISA VMware vSphere vCenter Server Version 6 STIG v1r4 | VMware | ACCESS CONTROL |
| VCWN-06-000047 - The system must require an administrator to unlock an account locked due to excessive login failures. | DISA VMware vSphere vCenter Server Version 6 STIG v1r4 | VMware | ACCESS CONTROL |
| WN11-AC-000005 - Windows 11 account lockout duration must be configured to 15 minutes or greater. | DISA Microsoft Windows 11 STIG v2r7 | Windows | ACCESS CONTROL |
| WN22-AC-000010 - Windows Server 2022 account lockout duration must be configured to 15 minutes or greater. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN25-AC-000010 - Windows Server 2025 account lockout duration must be configured to 15 minutes or greater. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
