Accounts, except for break glass accounts, are locked out after a maximum of five failed logon attempts.
- Topic
- Account lockouts
- Applicable to
- all
History
- Priority
- must
- Jun 2023
- Accounts, except for break glass accounts, are locked out after a maximum of five failed logon attempts.
- The existing control relating to locking out accounts after a maximum of five failed logon attempts was amended to exclude break glass accounts.
- Oct 2019
- Accounts are locked out after a maximum of five failed logon attempts.
- Security control 1403 was modified slightly.
- Sep 2019
- Accounts are locked after a maximum of five failed logon attempts.
- 2015
- Agencies must ensure accounts are locked after a maximum of five failed logon attempts.