Educause Security Discussion mailing list archives
Re: Account Lockout Policies
From: "Cheek, Leigh" <lcheek () UTK EDU>
Date: Tue, 11 Jul 2006 16:00:40 -0400
Thanks,
Leigh Cheek
(865) 974-4420

-----Original Message-----
From: Valdis Kletnieks [mailto:Valdis.Kletnieks () VT EDU]
Sent: Tuesday, July 11, 2006 3:56 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Account Lockout Policies

On Tue, 11 Jul 2006 15:45:23 EDT, "Cheek, Leigh" said:
If the lockout duration is set to the Administrator Unlocks (0), then you set yourself up for a denial of service attack. As an information system auditor, I use the Center for Internet Security or NIST as my guides for best practices.
As one of the un-indicted co-conspirators :) of the CIS stuff (I didn't do the Windows one, but was involved in the Solaris, RH Linux, and AIX ones), I'm always glad to see the CIS guides serving a useful role in the BCP arena. Thanks for the vote of confidence...