| 4.003 - Time before bad-logon counter is reset does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| AIOS-01-080005 - Apple iOS must not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL |
| AIOS-16-006900 - Apple iOS/iPadOS 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-006900 - Apple iOS/iPadOS 17 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| ALMA-09-007500 - AlmaLinux OS 9 must automatically lock an account when three unsuccessful logon attempts occur. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-007720 - AlmaLinux OS 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| APPL-14-000022 The macOS system must limit consecutive failed log on attempts to three. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-000060 The macOS system must set account lockout time to 15 minutes. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-15-000060 - The macOS system must set account lockout time to 15 minutes. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
| ESXI-06-000005 - The system must enforce the limit of three consecutive invalid logon attempts by a user. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | ACCESS CONTROL |
| ESXI-70-000005 - The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts - LOCK_AFTER_RETRIES | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts - LOCK_AFTER_RETRIES | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts - RETRIES | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts - RETRIES | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN000460 - The system must disable accounts after three consecutive unsuccessful login attempts. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GOOG-14-006400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 14 COBO v2r2 | MDM | ACCESS CONTROL |
| GOOG-14-006400 - Google Android 14 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | ACCESS CONTROL |
| OL08-00-020010 - OL 8 systems below version 8.2 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020011 - OL 8 systems, versions 8.2 and above, must automatically lock an account when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020012 - OL 8 systems below version 8.2 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020014 - OL 8 systems below version 8.2 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020015 - OL 8 systems, versions 8.2 and above, must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020016 - OL 8 systems below version 8.2 must ensure account lockouts persist. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020017 - OL 8 systems, versions 8.2 and above, must ensure account lockouts persist. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020018 - OL 8 systems below version 8.2 must prevent system messages from being presented when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020021 - OL 8 systems, versions 8.2 and above, must log user name information when unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020022 - OL 8 systems below version 8.2 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020023 - OL 8 systems, versions 8.2 and above, must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL08-00-020027 - OL 8 systems, versions 8.2 and above, must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| PHTN-30-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| RHEL-08-020011 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020012 - RHEL 8 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020014 - RHEL 8 must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020021 - RHEL 8 must log user name information when unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020027 - RHEL 8 systems, versions 8.2 and above, must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-08-020028 - RHEL 8 systems below version 8.2 must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| RHEL-09-411075 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411080 - RHEL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411085 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-411090 - RHEL 9 must maintain an account lock until the locked account is released by an administrator. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-431020 - RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-611030 - RHEL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| SLES-15-020010 - The SUSE operating system must lock an account after three consecutive invalid access attempts. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL |
| UBTU-20-010072 - The Ubuntu operating system must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | ACCESS CONTROL |
| UBTU-24-200610 - Ubuntu 24.04 LTS must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | ACCESS CONTROL |
