EIDSCA.PR05 - Default Settings - Password Rule Settings - Smart Lockout - Lockout duration in seconds.
Overview
The minimum length in seconds of each lockout. If an account locks repeatedly, this duration increases.
Prevent attacks using smart lockout - Microsoft Entra ID - Microsoft Learn
Test script
https://graph.microsoft.com/beta/settings
.values -ge 60
Related links
- Open in Graph Explorer
- directorySetting resource type - Microsoft Graph beta | Microsoft Learn
- View in Microsoft Entra admin center
MITRE ATT&CK
| Tactic | Technique | Mitigation |
|---|---|---|
| TA0006 - Credential Access - Credential Access | T1110 - Brute Force | M1018 - User Account Management M1027 - Password Policies |
Test Metadata
| Field | Value |
|---|---|
| Test ID | EIDSCA.PR05 |
| Severity | Medium |
| Suite | Entra ID SCA |
| Category | General |
| PowerShell test | Test-MtEidscaPR05 |
| Tags | EIDSCA, EIDSCA.PR05 |
Source
- Pester test:
tests/EIDSCA/Test-EIDSCA.Generated.Tests.ps1 - PowerShell source:
powershell/internal/eidsca/Test-MtEidscaPR05.ps1