EIDSCA.PR06 - Default Settings - Password Rule Settings - Smart Lockout - Lockout threshold.
Overview
How many failed sign-ins are allowed on an account before its first lockout. If the first sign-in after a lockout also fails, the account locks out again.
Prevent attacks using smart lockout - Microsoft Entra ID - Microsoft Learn
Test script
https://graph.microsoft.com/beta/settings
.values -le 10
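The check above, written out as an added PowerShell example (not Maester's own test source): it reads the `LockoutThreshold` entry from a settings response and compares it numerically against the limit of 10. The function name `Test-LockoutThreshold`, the result object and the sample JSON are constructed for illustration, and the `LockoutThreshold` value name is taken from the Password Rule Settings template.

```powershell
# Added example; not the source of Test-MtEidscaPR06.
function Test-LockoutThreshold {
    param(
        [Parameter(Mandatory)] $SettingsResponse,  # parsed body of GET /beta/settings
        [int] $MaxThreshold = 10                   # limit from the test script above
    )
    # Each directorySetting object carries its name/value pairs in .values.
    $entry = foreach ($setting in $SettingsResponse.value) {
        $setting.values | Where-Object { $_.name -eq 'LockoutThreshold' }
    }
    if (-not $entry) {
        # No explicit setting object in the tenant: nothing to compare.
        return [pscustomobject]@{ Status = 'NotConfigured'; Threshold = $null }
    }
    # Graph returns setting values as strings. Cast first so the comparison
    # is numeric: '9' -le 10 would compare as strings and evaluate to False.
    $threshold = [int]($entry | Select-Object -First 1).value
    $status = if ($threshold -le $MaxThreshold) { 'Pass' } else { 'Fail' }
    [pscustomobject]@{ Status = $status; Threshold = $threshold }
}

# Constructed sample responses (not real tenant data).
$configured = @'
{ "value": [ { "displayName": "Password Rule Settings",
  "values": [ { "name": "LockoutDurationInSeconds", "value": "60" },
              { "name": "LockoutThreshold", "value": "9" } ] } ] }
'@ | ConvertFrom-Json

$tooHigh = @'
{ "value": [ { "displayName": "Password Rule Settings",
  "values": [ { "name": "LockoutThreshold", "value": "50" } ] } ] }
'@ | ConvertFrom-Json

$empty = '{ "value": [] }' | ConvertFrom-Json

Test-LockoutThreshold -SettingsResponse $configured   # Status: Pass
Test-LockoutThreshold -SettingsResponse $tooHigh      # Status: Fail
Test-LockoutThreshold -SettingsResponse $empty        # Status: NotConfigured

# Against a live tenant (requires Connect-MgGraph with directory read access):
# $resp = Invoke-MgGraphRequest -Uri 'https://graph.microsoft.com/beta/settings' -OutputType PSObject
# Test-LockoutThreshold -SettingsResponse $resp
```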
Related links
- Open in Graph Explorer
- directorySetting resource type - Microsoft Graph beta | Microsoft Learn
- View in Microsoft Entra admin center
MITRE ATT&CK
| Tactic | Technique | Mitigation |
|---|---|---|
| TA0006 - Credential Access | T1110 - Brute Force | M1018 - User Account Management, M1027 - Password Policies |
Test Metadata
| Field | Value |
|---|---|
| Test ID | EIDSCA.PR06 |
| Severity | Medium |
| Suite | Entra ID SCA |
| Category | General |
| PowerShell test | Test-MtEidscaPR06 |
| Tags | EIDSCA, EIDSCA.PR06 |
Source
- Pester test: tests/EIDSCA/Test-EIDSCA.Generated.Tests.ps1
- PowerShell source: powershell/internal/eidsca/Test-MtEidscaPR06.ps1