Details

Admin password lockout >= 300 seconds. Enforcing a longer wait time for subsequent login attempts will provide for a less desirable target for attackers.


Solution

Issue the following command to configure the admin-lockout-duration.

config system global
set admin-lockout-duration
end


Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system FortiGate.


References


Source