Enforce automatic device lockout following a predetermined threshold of local failed authentication attempts on portable end-user devices, where supported. For laptops, do not allow more than 20 failed authentication attempts; for tablets and smartphones, no more than 10 failed authentication attempts. Example implementations include Microsoft® InTune Device Lock and Apple® Configuration Profile maxFailedAttempts.
Parent
Compliance Framework
CIS v8.0
Control Number
4.1
Related
Compliance Framework
Secure Controls Framework 2023.4
CMMC v2.11
CMMC v2.11
CMMC v2.11
CMMC v2.11
CCM v4.0.10
CCM v4.0.10
CCM v4.0.10
ISO 27002:2022
ISO 27002:2022
ISO 27002:2022
NIST CSF v1.1
NIST 800-171 Rev 2
NIST 800-171 Rev 2
NIST 800-171 Rev 2
NIST 800-53 Rev 5
NIST 800-53 Rev 5
NIST 800-53 Rev 5