| 4.004 - Lockout duration does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 5.4.13 Ensure lockout for unsuccessful root logon attempts | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 5.4.13 Ensure lockout for unsuccessful root logon attempts - system-auth default | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - maxFailedAttempts | DISA STIG Apple macOS 11 v1r7 | Unix | |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - maxFailedAttempts | DISA STIG Apple macOS 11 v1r3 | Unix | |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - minutesUntilFailedLoginReset | DISA STIG Apple macOS 11 v1r1 | Unix | |
| APPL-12-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - maxFailedAttempts | DISA STIG Apple macOS 12 V1R2 | Unix | |
| APPL-12-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - maxFailedAttempts | DISA STIG Apple macOS 12 v1r7 | Unix | |
| APPL-12-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - maxFailedAttempts | DISA STIG Apple macOS 12 v1r5 | Unix | |
| APPL-12-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - minutesUntilFailedLoginReset | DISA STIG Apple macOS 12 V1R2 | Unix | |
| APPL-12-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - minutesUntilFailedLoginReset | DISA STIG Apple macOS 12 v1r5 | Unix | |
| APPL-12-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - minutesUntilFailedLoginReset | DISA STIG Apple macOS 12 v1r3 | Unix | |
| APPL-13-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - minutesUntilFailedLoginReset | DISA STIG Apple macOS 13 v1r1 | Unix | |
| APPL-13-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked. | DISA STIG Apple macOS 13 v1r2 | Unix | |
| Big Sur - Limit Consecutive Failed Login Attempts to Three | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| Big Sur - Limit Consecutive Failed Login Attempts to Three | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Limit Consecutive Failed Login Attempts to Three | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Limit Consecutive Failed Login Attempts to Three | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL |
| Big Sur - Limit Consecutive Failed Login Attempts to Three | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Big Sur - Limit Consecutive Failed Login Attempts to Three | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Big Sur - Limit Consecutive Failed Login Attempts to Three | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL |
| Big Sur - Limit Consecutive Failed Login Attempts to Three | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Big Sur - Set Account Lockout Time to 15 Minutes | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Big Sur - Set Account Lockout Time to 15 Minutes | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL |
| Big Sur - Set Account Lockout Time to 15 Minutes | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Set Account Lockout Time to 15 Minutes | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| Big Sur - Set Account Lockout Time to 15 Minutes | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Set Account Lockout Time to 15 Minutes | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL |
| Catalina - Set Account Lockout Time to 15 Minutes | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL |
| Catalina - Set Account Lockout Time to 15 Minutes | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Set Account Lockout Time to 15 Minutes | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| Catalina - Set Account Lockout Time to 15 Minutes | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Catalina - Set Account Lockout Time to 15 Minutes | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Catalina - Set Account Lockout Time to 15 Minutes | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| F5BI-DM-000185 - The BIG-IP appliance must be configured to automatically lock the account until the locked account is released by an administrator when three unsuccessful logon attempts in 15 minutes are exceeded. | DISA F5 BIG-IP Device Management 11.x STIG v1r7 | F5 | |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| OL08-00-020012 - OL 8 systems below version 8.2 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. - preauth | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| OL08-00-020018 - OL 8 systems below version 8.2 must prevent system messages from being presented when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| OL08-00-020021 - OL 8 systems, versions 8.2 and above, must log user name information when unsuccessful logon attempts occur. - audit | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| OL08-00-020022 - OL 8 systems below version 8.2 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v1r1 | Unix | |
| VCSA-70-000266 - The vCenter Server must require an administrator to unlock an account locked due to excessive login failures. | DISA STIG VMware vSphere 7.0 vCenter v1r2 | VMware | |
| VCTR-67-000046 - The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes. | DISA STIG VMware vSphere 6.7 vCenter v1r1 | VMware | |
| VCTR-67-000047 - The vCenter Server must require an administrator to unlock an account locked due to excessive login failures. | DISA STIG VMware vSphere 6.7 vCenter v1r1 | VMware | |
| VCTR-67-000047 - The vCenter Server must require an administrator to unlock an account locked due to excessive login failures. | DISA STIG VMware vSphere 6.7 vCenter v1r3 | VMware | |
| VCWN-06-000046 - The system must set the interval for counting failed login attempts to at least 15 minutes. | DISA STIG VMware vSphere vCenter 6.x v1r3 | VMware | |
| VCWN-65-000047 - The vCenter Server for Windows must require an administrator to unlock an account locked due to excessive login failures. | DISA STIG VMware vSphere vCenter 6.5 v1r3 | VMware | |
| WN22-AC-000010 - Windows Server 2022 account lockout duration must be configured to 15 minutes or greater. | DISA Windows Server 2022 STIG v1r5 | Windows | |
| WN22-AC-000010 - Windows Server 2022 account lockout duration must be configured to 15 minutes or greater. | DISA Windows Server 2022 STIG v1r4 | Windows | |
| WN22-AC-000010 - Windows Server 2022 account lockout duration must be configured to 15 minutes or greater. | DISA Windows Server 2022 STIG v1r3 | Windows | |
