d9b675fb-1bb2-4ff3-88ea-0e74ab40e2a7
The account lockout feature, when enabled, prevents brute-force password attacks on the system. This parameter specifies the amount of time that an account will remain locked after the specified number of failed logon attempts.
To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Account Policies
|_ Account Lockout Policy
|_ "Account lockout duration" to "15" minutes or greater.
Stig: Server:
2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2023-09-11/finding/V-254285
2019: https://www.stigviewer.com/stig/microsoft_windows_server_2019/2023-09-11/finding/V-205795 / https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93145
2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2023-08-22/finding/V-224866 / https://www.stigviewer.com/stig/windows_server_2016/2020-06-16/finding/V-73309
Desktop:
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2023-09-29/finding/V-253297
W10: https://www.stigviewer.com/stig/microsoft_windows_10/2023-09-29/finding/V-220739 / https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220739
Nist 800-53: AC-7, AC-19
Nist 800-171a: 3.1.8[a], 3.1.8[b]
Nist 800-171AR3: A.03.01.08, A.03.01.08.ODP[01] A.03.01.08.ODP[02]
CMMC v2.1: AC.L2-3.1.8
PCI DSS v3.2: 8.1.6, 8.1.7
PCI DSS v4.0: 8.3.4
CSCv7: 16.2, 16.11