SV-77353r1_rule
V-62863
SRG-APP-000345-NDM-000290
RICX-DM-000026
CAT II
10
Configure RiOS to limit the number of unsuccessful login attempts to 3 during a 15-minute period.
Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy
Set the value of "Login Attempts Before Lockout:" to "3"
Set the value of "Timeout for User Login After Lockout (seconds);" to "900"
Click "Apply" to save the changes
Navigate to the top of the web page and click "Save" to write changes to memory
Verify that RiOS is configured to limit the number of unsuccessful login attempts during a 15-minute period to 3.
Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy
Verify that "Login Attempts Before Lockout:" is set to "3"
Verify that "Timeout for User Login After Lockout (seconds)" is set to "900"
If "Login Attempts Before Lockout" is not set to "3" and/or "Timeout for User Login After Lockout (seconds)" is not set to "900", this is a finding.
V-62863
False
RICX-DM-000026
Verify that RiOS is configured to limit the number of unsuccessful login attempts during a 15-minute period to 3.
Navigate to the device Management Console
Navigate to Configure >> Security >> Password Policy
Verify that "Login Attempts Before Lockout:" is set to "3"
Verify that "Timeout for User Login After Lockout (seconds)" is set to "900"
If "Login Attempts Before Lockout" is not set to "3" and/or "Timeout for User Login After Lockout (seconds)" is not set to "900", this is a finding.
M
2931