Skip to main content

Default Settings - Password Rule Settings - Smart Lockout - Lockout duration in seconds

The minimum length in seconds of each lockout. If an account locks repeatedly, this duration increases.


Name	LockoutDurationInSeconds
Control	Default Settings - Password Rule Settings
Description	Define the password protection and Smart Lockout configurations that can be used to customize the tenant-wide and object-specific restrictions and allowed behavior
Severity	High

How to fix

Details of configuration item


Recommendation	Prevent attacks using smart lockout - Microsoft Entra ID - Microsoft Learn
Configuration	settings
Setting	`values
Recommended Value	'>=60'
Default Value	60
Graph API Docs	directorySetting resource type - Microsoft Graph beta - Microsoft Learn
Graph Explorer	Open in Graph Explorer

MITRE ATT&CK

Tactic	Technique	Mitigation
TA0006 - Credential Access - Credential Access	T1110 - Brute Force	M1018 - User Account Management M1027 - Password Policies

How to fix
- Details of configuration item
MITRE ATT&CK