Default Settings - Password Rule Settings - Smart Lockout - Lockout duration in seconds
Why This Matters
Smart lockout is a critical defense against brute-force password attacks targeting user accounts. If the lockout duration is too short, attackers can resume guessing passwords after only a brief pause, which reduces the effectiveness of this security control. Setting an appropriate lockout duration ensures that repeated authentication failures result in a meaningful delay, protecting your organization from credential compromise.
What Aether365 Checks
Aether365 verifies that the smart lockout duration for Microsoft Entra ID is set to 60 seconds or greater. This check appears in the Aether365 dashboard under the entra-id category and compares the current lockout duration against the recommended minimum.
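The comparison described above can be reproduced offline against an exported settings listing. This is an added example, not Aether365's own code. It assumes the value is read from a Microsoft Graph `groupSettings`-style JSON response in which the "Password Rule Settings" object carries a `LockoutDurationInSeconds` value. The sample response and the function names are constructed for illustration.

```python
import json

MIN_LOCKOUT_SECONDS = 60  # minimum stated on this page

# Constructed sample shaped like a Microsoft Graph groupSettings listing
# (assumed source of the value; not output from a real tenant).
SAMPLE_RESPONSE = json.dumps({
    "value": [
        {"displayName": "Group.Unified", "values": [
            {"name": "EnableGroupCreation", "value": "true"}]},
        {"displayName": "Password Rule Settings", "values": [
            {"name": "LockoutThreshold", "value": "10"},
            {"name": "LockoutDurationInSeconds", "value": "30"}]},
    ]
})


def lockout_duration(response_text):
    """Return the configured lockout duration in seconds, or None when no
    Password Rule Settings object exists or the value is not an integer."""
    for setting in json.loads(response_text).get("value", []):
        if setting.get("displayName") != "Password Rule Settings":
            continue
        for item in setting.get("values", []):
            if item.get("name") == "LockoutDurationInSeconds":
                try:
                    return int(item.get("value"))
                except (TypeError, ValueError):
                    return None  # malformed value: cannot be evaluated
    return None


def evaluate(response_text, minimum=MIN_LOCKOUT_SECONDS):
    """Classify the setting as 'pass', 'fail' or 'unknown'."""
    seconds = lockout_duration(response_text)
    if seconds is None:
        # Nothing explicit to compare: flag for manual review, not a pass.
        return "unknown", None
    return ("pass" if seconds >= minimum else "fail"), seconds


if __name__ == "__main__":
    print(evaluate(SAMPLE_RESPONSE))
```

An "unknown" result means the listing contains no explicit value to compare, so the effective duration has to be confirmed in the Entra admin center.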