Skip to Main Content
It looks like you're using Internet Explorer 11 or older. This website works best with modern browsers such as the latest versions of Chrome, Firefox, Safari, and Edge. If you continue with this browser, you may see unexpected results.

OIT Help Desk:FAQs

Frequently asked questions

Unsuccessful Logins Attempts

The information system NSU employs: 1. Enforces a limit of a maximum of 10 consecutive invalid access attempts by a user during a 15 minute time period; and 2. Automatically locks the account/node for a minimum of a 15 minute period when the maximum number of unsuccessful attempts is exceeded. The control applies regardless of whether the login occurs via a local or network connection. Supplemental Guidance: Due to the potential for denial of service, automatic lockouts initiated by the information system are usually temporary and automatically release after a predetermined time period established by NSU. If a delay algorithm is selected, NSU may choose to employ different algorithms for different information system components based on the capabilities of those components. Response to unsuccessful login attempts may be implemented at both the operating system and the application levels.

Control Enhancements for Sensitive Systems: 1. The information system automatically locks the account/node until released by an administrator when the maximum number of unsuccessful attempts is exceeded. 2. The information system provides additional protection for mobile devices accessed via login by purging information from the device after not more than ten consecutive, unsuccessful login attempts to the device.