| 1.9 APPL-14-000022 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.47 WN10-AC-000015 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | ACCESS CONTROL |
| 1.137 OL08-00-020011 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.142 OL08-00-020016 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.143 OL08-00-020017 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.144 OL08-00-020018 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.145 OL08-00-020019 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.147 OL08-00-020021 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.148 OL08-00-020022 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.151 OL08-00-020025 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.153 OL08-00-020027 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.154 OL08-00-020028 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.279 RHEL-09-411075 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.281 RHEL-09-411085 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 4.003 - Time before bad-logon counter is reset does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 5.4.13 Ensure lockout for unsuccessful root logon attempts | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| APPL-14-000022 - The macOS system must limit consecutive failed log on attempts to three. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | ACCESS CONTROL |
| APPL-15-000060 - The macOS system must set account lockout time to 15 minutes. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | ACCESS CONTROL |
| APPL-26-000022 - The macOS system must limit consecutive failed login attempts to three. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds - '/etc/pam.d/system-auth-local' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds - '/etc/pam.d/system-auth-local' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020011 - OL 8 systems, versions 8.2 and above, must automatically lock an account when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020013 - OL 8 systems, versions 8.2 and above, must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020014 - OL 8 systems below version 8.2 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020015 - OL 8 systems, versions 8.2 and above, must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020017 - OL 8 systems, versions 8.2 and above, must ensure account lockouts persist. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020019 - OL 8 systems, versions 8.2 and above, must prevent system messages from being presented when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020025 - OL 8 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020028 - OL 8 systems below version 8.2 must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL09-00-002417 - OL 9 must maintain an account lock until the locked account is released by an administrator. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| OL09-00-003020 - OL 9 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| PHTN-30-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| RHEL-08-020027 - RHEL 8 systems, versions 8.2 and above, must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-09-411080 - RHEL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-411085 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-411090 - RHEL 9 must maintain an account lock until the locked account is released by an administrator. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-10-600410 - RHEL 10 must automatically lock an account when three unsuccessful login attempts occur. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-600420 - RHEL 10 must automatically lock an account when three unsuccessful login attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-600425 - RHEL 10 must maintain an account lock until the locked account is released by an administrator. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| SLES-15-020010 - The SUSE operating system must lock an account after three consecutive invalid access attempts. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | ACCESS CONTROL |
| UBTU-20-010072 - The Ubuntu operating system must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | ACCESS CONTROL |
| UBTU-22-411045 - Ubuntu 22.04 LTS must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | ACCESS CONTROL |
| UBTU-24-200610 - Ubuntu 24.04 LTS must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | ACCESS CONTROL |
| VCWN-06-000045 - The system must limit the maximum number of failed login attempts to three. | DISA VMware vSphere vCenter Server Version 6 STIG v1r4 | VMware | ACCESS CONTROL |
| VCWN-06-000046 - The system must set the interval for counting failed login attempts to at least 15 minutes. | DISA VMware vSphere vCenter Server Version 6 STIG v1r4 | VMware | ACCESS CONTROL |
| VCWN-06-000047 - The system must require an administrator to unlock an account locked due to excessive login failures. | DISA VMware vSphere vCenter Server Version 6 STIG v1r4 | VMware | ACCESS CONTROL |
