Ensure that account 'Lockout Threshold' is less than or equal to '10'
Why This Matters
Account lockout thresholds directly reduce the risk of brute-force and password spray attacks against your Entra ID tenant. When the threshold is too high, attackers can attempt hundreds or thousands of passwords before the account locks; when it is too low, legitimate users experience frequent lockouts that generate unnecessary security alerts. Keeping the lockout threshold at 10 or fewer failed attempts strikes the right balance between security and usability.
What Aether365 Checks
Aether365 verifies that your Entra ID account lockout threshold is configured to 10 or fewer failed login attempts. This check appears in the Aether365 dashboard under entra-id checks with the ID ENTRA.1151.
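The same comparison can be reproduced by hand, shown here as an added example that is not Aether365's own code. It assumes the tenant's directory settings were exported from Microsoft Graph as JSON, with the threshold stored as the string value `LockoutThreshold` under the "Password Rule Settings" object, and that a tenant with no such object is running the default of 10; the sample data is constructed.

```python
import json

MAX_THRESHOLD = 10      # limit stated by the check on this page
ASSUMED_DEFAULT = 10    # assumption: value in effect when no custom setting exists

# Constructed sample of a Graph directory-settings response (not real tenant data).
SAMPLE = json.loads("""
{"value": [
  {"displayName": "Group.Unified",
   "values": [{"name": "EnableGroupCreation", "value": "true"}]},
  {"displayName": "Password Rule Settings",
   "values": [{"name": "LockoutThreshold", "value": "25"},
              {"name": "LockoutDurationInSeconds", "value": "60"}]}
]}
""")


def lockout_threshold(settings, default=ASSUMED_DEFAULT):
    """Return (threshold, source) from a directory-settings response."""
    for setting in settings.get("value", []):
        if setting.get("displayName") != "Password Rule Settings":
            continue
        for pair in setting.get("values", []):
            if pair.get("name") == "LockoutThreshold":
                # Setting values arrive as strings, so convert before comparing.
                return int(pair.get("value")), "configured"
    # No custom object (or no LockoutThreshold entry): the default applies.
    return default, "default"


def evaluate(settings):
    """Return a finding: pass when the effective threshold is <= MAX_THRESHOLD."""
    try:
        threshold, source = lockout_threshold(settings)
    except (TypeError, ValueError):
        return {"status": "error", "reason": "LockoutThreshold is not an integer"}
    status = "pass" if threshold <= MAX_THRESHOLD else "fail"
    return {"status": status, "threshold": threshold, "source": source}


if __name__ == "__main__":
    print(evaluate(SAMPLE))
```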