Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
  • Labs icon Lab
  • A Cloud Guru
Google Cloud Platform icon
Labs

Configure an Account Lockout Policy

In this lab, we will use the Pluggable Authentication Module (PAM) to create an account lockout policy. Account lockout policies are crucial in preventing brute force password attacks from being successful. *This course is not approved or sponsored by Red Hat.*

Try for free Contact sales
Google Cloud Platform icon
Labs

Path Info

Level
Clock icon Intermediate
Duration
Clock icon 30m
Published
Clock icon May 17, 2019

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Install PAM

    1. To install PAM, run the following command:
    sudo yum install -y pam-devel

  2. Challenge

    Create an Account Lockout Policy

    1. To set up an account lockout policy that will lock for 15 minutes after 3 consecutive failed logins and includes the root account in the policy, you'll need to add the following lines to both /etc/pam.d/password-auth and /etc/pam.d/system-auth:
    auth        required      pam_faillock.so preauth silent audit deny=3 even_deny_root unlock_time=900
auth        [default=die] pam_faillock.so authfail audit deny=3 even_deny_root unlock_time=900
    • The first line above should be the second uncommented line in the files
    • The second line above should be the fourth uncommented line in the files.
    1. Next, we need to add the following line as the first line in the account section of the password-auth and system-auth files:
    account     required      pam_faillock.so

  3. Challenge

    Test the Account Lockout Policy

    1. Open a new shell to your host
    2. Enter incorrect login credentials for cloud_user
    3. Run the command faillock and you now see the recorded failed logins
A Cloud Guru - Labs - Configure an Account Lockout Policy
Author
A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans