STIGViewer Trial workspace — loading your subscription…

NIST 800-171 v2

110 security requirements available

3.1.8Derived Requirement

Access Control

Security Requirement

Limit unsuccessful logon attempts.

Discussion

This requirement applies regardless of whether the logon occurs via a local or network connection. Due to the potential for denial of service, automatic lockouts initiated by systems are, in most cases, temporary and automatically release after a predetermined period established by the organization (i.e., a delay algorithm). If a delay algorithm is selected, organizations may employ different algorithms for different system components based on the capabilities of the respective components. Responses to unsuccessful logon attempts may be implemented at the operating system and application levels.

Framework
NIST SP 800-171 Rev 2
Family
Access Control
Requirement Type
derived

Related Frameworks

7 paths across 2 frameworks
NIST 800-531 mapping
AC-7
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI6 mappings
CCI-000043
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-000044
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-001423
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002236
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002237
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-002238
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

130 STIGs reach this control through 16 CCIs via 800-53 control AC-7. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Desktop

5 STIGs

Operating System — Server

26 STIGs
Oracle Linux 8 Security Technical Implementation Guide
V2R82026-02-1318 of 375 findings match
Oracle Linux 9 Security Technical Implementation Guide
V1R52026-02-179 of 448 findings match
Show 18 more STIGs in this category →
Anduril NixOS Security Technical Implementation Guide
V1R22025-08-191 of 103 findings match
IBM AIX 7.x Security Technical Implementation Guide
V3R22026-02-061 of 283 findings match
Solaris 11 X86 Security Technical Implementation Guide
V3R52026-02-191 of 216 findings match

Operating System — Mainframe

6 STIGs
IBM z/OS TSS Security Technical Implementation Guide
V9R82026-03-093 of 230 findings match
Mainframe Product Security Requirements Guide
V3R42025-09-102 of 194 findings match
IBM z/OS ACF2 Security Technical Implementation Guide
V9R82026-03-091 of 225 findings match
IBM z/OS RACF Security Technical Implementation Guide
V9R82026-03-091 of 222 findings match

Operating System — Mobile

30 STIGs
Show 22 more STIGs in this category →

Network Device

34 STIGs
AAA Services Security Requirements Guide
V2R22024-12-042 of 77 findings match
Cisco ACI NDM Security Technical Implementation Guide
V1R22025-12-111 of 26 findings match
Show 26 more STIGs in this category →
Cisco ISE NDM Security Technical Implementation Guide
V2R32025-12-111 of 53 findings match
Network Device Management Security Requirements Guide
V5R42025-09-101 of 105 findings match
Network Device Management Security Requirements Guide
V5R32025-02-111 of 104 findings match
RUCKUS ICX NDM Security Technical Implementation Guide
V1R12025-05-281 of 25 findings match

Web / Application Server

2 STIGs

Virtualization / Container

14 STIGs
Container Platform Security Requirements Guide
V2R42025-09-102 of 188 findings match
Virtual Machine Manager Security Requirements Guide
V2R32025-09-102 of 198 findings match
Show 6 more STIGs in this category →

Cloud / Identity Service

2 STIGs

Endpoint Security Management

10 STIGs
Central Log Server Security Requirements Guide
V3R42026-02-122 of 127 findings match
HYCU Protege Security Technical Implementation Guide
V1R22026-03-041 of 55 findings match
ISEC7 Sphere Security Technical Implementation Guide
V3R12024-08-201 of 34 findings match
Show 2 more STIGs in this category →

Productivity Application

1 STIG