The operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-203779	SRG-OS-000480-GPOS-00226	SV-203779r991588_rule		Medium

Description

Limiting the number of logon attempts over a certain time interval reduces the chances that an unauthorized user may gain access to an account.

STIG	Date
General Purpose Operating System Security Requirements Guide	2024-12-04

Details

Check Text (C-3904r375728_chk)

Verify the operating system enforces a delay of at least 4 seconds between logon prompts following a failed logon attempt. If it does not, this is a finding.

Fix Text (F-3904r375729_fix)

Configure the operating system to enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.