The Nokia router must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must block any login attempt for 15 minutes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-283763 | NOKI-ND-000120 | SV-283763r1203595_rule | CCI-000044 | medium |
| Description | ||||
| By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute-forcing, is reduced. | ||||
| STIG | Date | |||
| Nokia Service Router OS 25.x Network Device Management Security Technical Implementation Guide | 2026-06-15 | |||
Details
Check Text (C-283763r1203595_chk)
Verify that "Number of invalid attempts permitted per login" is set to "3", and "Lockout period (when threshold breached)" is set to "15", as shown in the example below:
- show system security password-options
Number of invalid attempts permitted per login : 3
Lockout period (when threshold breached) : 15
If the "Number of invalid attempts permitted per login" is not set to "3", this is a finding.
If the "Lockout period (when threshold breached)" is not set to "15", this is a finding.
Fix Text (F-88233r1203333_fix)
Configure the Nokia router using the command below:
- configure system security password attempts 3 lockout 15