| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1044 - Unsuccessful Logon Attempts | ||
| Id | 0abbac52-57cf-450d-8408-1208d0dd9e90 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Access Control control | ||
| Additional metadata |
Name/Id: ACF1044 / Microsoft Managed Control 1044 Category: Access Control Title: Unsuccessful Logon Attempts - Enforcement Ownership: Customer, Microsoft Description: The information system: Enforces a limit of not more than six (6) consecutive invalid logon attempts by a user during a thirty (30) minutes; and Requirements: For all access to the environment, Azure personnel must use multifactor authentication using a smart card and PIN. smart card authentication enforces lockout after five (5) failed login attempts. After five invalid access attempts within fifteen (15) minutes, a user’s smart card is locked out until it is unblocked by an administrator. The smart card is tied to the user’s Azure Active Directory account, using the CorpNet-alias-derived unique identifier for the environment, which is used for access throughout Azure via single-sign-on. Local account settings inherit the smart card settings, ensuring that after five invalid PIN entries, the user’s smart card is locked, rather than any accounts they may be logging into – ensuring that their access remains locked until their smart card is unlocked by an administrator. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|