PHTN-67-000002 - The Photon operating system must automatically lock an account when three unsuccessful logon attempts occur.

Details

By limiting the number of failed logon attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-force attacks, is reduced. Limits are imposed by locking the account.



Satisfies: SRG-OS-000021-GPOS-00005, SRG-OS-000329-GPOS-00128


Solution

Open /etc/pam.d/system-auth with a text editor.

Add the following line after the last auth statement:

auth required pam_tally2.so file=/var/log/tallylog deny=3 onerr=fail even_deny_root unlock_time=86400 root_unlock_time=300


Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.


References


Source