[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Account lockout duration

ID: oval:org.secpod.oval:def:7898Date: (C)2012-11-10   (M)2023-07-14
Class: COMPLIANCEFamily: windows




The Account lockout duration setting should be configured correctly. This policy setting determines the length of time that must pass before a locked account is unlocked and a user can try to log on again. The setting does this by specifying the number of minutes a locked out account will remain unavailable. If the value for this policy setting is configured to 0, locked out accounts will remain locked out until an administrator manually unlocks them. Although it might seem like a good idea to configure the value for this policy setting to a high value, such a configuration will likely increase the number of calls that the help desk receives to unlock accounts locked by mistake. Users should be aware of the length of time a lock remains in place, so that they realize they only need to call the help desk if they have an extremely urgent need to regain access to their computer. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policy\Account lockout duration (2) REG: NO INFO

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-10399-4
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-10399-4
XCCDF    6
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_2008_R2
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2008_R2
xccdf_org.secpod_benchmark_SecPod_Windows_Server_2008_R2
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2
...

© SecPod Technologies