History

Priority

should

2010

Agencies should:• lock system user accounts after five failed logon attempts• have a system administrator reset locked accounts• remove or suspend system user accounts as soon as possible when personnel no longer need accessdue to changing roles or leaving the agency• remove or suspend inactive accounts after a specified number of days.

2008

Agencies should: a. lock system user accounts after a specified number of failed logon attempts b. remove or suspend system user accounts as soon as possible after the staff member no longer needs access, due to changing roles or leaving the agency c. suspend inactive accounts after a specified number of days.