| 1.21 APPL-14-000060 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.136 OL08-00-020010 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.138 OL08-00-020012 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.139 OL08-00-020013 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.140 OL08-00-020014 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.141 OL08-00-020015 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.146 OL08-00-020020 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.149 OL08-00-020023 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.152 OL08-00-020026 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.280 RHEL-09-411080 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.282 RHEL-09-411090 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| AOSX-13-001327 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL |
| AOSX-14-000021 - The macOS system must enforce an account lockout time period of 15 minutes in which a user makes three consecutive invalid logon attempts. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| AOSX-14-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| AOSX-15-000021 - The macOS system must enforce an account lockout time period of 15 minutes in which a user makes three consecutive invalid logon attempts. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL |
| APPL-14-000060 - The macOS system must set account lockout time to 15 minutes. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | ACCESS CONTROL |
| APPL-15-000022 - The macOS system must limit consecutive failed login attempts to three. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | ACCESS CONTROL |
| APPL-26-000060 - The macOS system must set account lockout time to 15 minutes. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | ACCESS CONTROL |
| OL6-00-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - system-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL07-00-010330 - The Oracle Linux operating system must lock the associated account after three unsuccessful root logon attempts are made within a 15-minute period. | DISA Oracle Linux 7 STIG v3r5 | Unix | ACCESS CONTROL |
| OL08-00-020010 - OL 8 systems below version 8.2 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020012 - OL 8 systems below version 8.2 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020016 - OL 8 systems below version 8.2 must ensure account lockouts persist. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020018 - OL 8 systems below version 8.2 must prevent system messages from being presented when three unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020020 - OL 8 systems below version 8.2 must log user name information when unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020021 - OL 8 systems, versions 8.2 and above, must log user name information when unsuccessful logon attempts occur. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020022 - OL 8 systems below version 8.2 must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020023 - OL 8 systems, versions 8.2 and above, must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020026 - OL 8 must configure the use of the pam_faillock.so module in the /etc/pam.d/password-auth file. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL08-00-020027 - OL 8 systems, versions 8.2 and above, must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Oracle Linux 8 STIG v2r8 | Unix | ACCESS CONTROL |
| OL09-00-002416 - OL 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| OL09-00-003021 - OL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| PHTN-67-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| RHEL-06-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - 'password-auth auth [default=die]' | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - 'password-auth auth required' | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - 'system-auth auth [default=die]' | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - pw-auth auth [default=die] | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - sys-auth auth [default=die] | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - system-auth account required | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - system-auth auth required | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-08-020028 - RHEL 8 systems below version 8.2 must configure SELinux context type to allow the use of a non-default faillock tally directory. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-09-411075 - RHEL 9 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-10-600415 - RHEL 10 must automatically lock the root account until the root account is released by an administrator when three unsuccessful login attempts occur during a 15-minute time period. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-600430 - RHEL 10 must ensure account lockouts persist. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| SLEM-05-412020 - SLEM 5 must lock an account after three consecutive invalid access attempts. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | ACCESS CONTROL |
| UBTU-16-010291 - Accounts on the Ubuntu operating system that are subject to three unsuccessful logon attempts within 15 minutes must be locked for the maximum configurable period - unlock_time | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| VCWN-65-000046 - The vCenter Server for Windows must set the interval for counting failed login attempts to at least 15 minutes. | DISA VMware vSphere 6.5 vCenter Server for Windows STIG v2r3 | VMware | ACCESS CONTROL |
| WN10-AC-000005 - Windows 10 account lockout duration must be configured to 15 minutes or greater. | DISA Microsoft Windows 10 STIG v3r6 | Windows | ACCESS CONTROL |
| WN12-AC-000001 - Windows 2012 account lockout duration must be configured to 15 minutes or greater. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN19-AC-000010 - Windows Server 2019 account lockout duration must be configured to 15 minutes or greater. | DISA Microsoft Windows Server 2019 STIG v3r8 | Windows | ACCESS CONTROL |
