
Windows NT No Lockout Enabled
There is no lockout time period for too many failed login attempts. This
allows an intruder to attempt to brute force any account with no restrictions. The
lockout period should not be too long, or an intruder can use this as a denial
of service attack.
Risk: Low
OS Vulnerable: Windows NT
Fix: Enable account lockouts after 5 incorrect login attempts.