Documentation Index

Fetch the complete documentation index at: https://kb.northerndatasolutions.com/llms.txt

Use this file to discover all available pages before exploring further.

AC.L2-3.1.8[b]

  • Published on Apr 28, 2026
  • 1 minute(s) read
  • CT
 Prev Next

AC.L2-3.1.8[b] — Access Control (Unsuccessful Logon Attempts)

Domain: Access Control (AC)  |  Practice: AC.L2-3.1.8  |  Objective ID: 3.1.8[b]  |  Source: NIST SP 800-171 Rev. 2 / CMMC 2.0 Level 2

Assessment Objective:

The defined means of limiting unsuccessful logon attempts is implemented.

Content summary: Configure systems to enforce login lockout thresholds automatically. This mitigates brute-force and credential-stuffing attacks against CUI systems.

Related articles
  • AC.L2-3.1.21[c]
    Compliance > CMMC (NIST 800-171) > CMMC 2.0 Assessment Objectives
  • AC.L2-3.1.3[b]
    Compliance > CMMC (NIST 800-171) > CMMC 2.0 Assessment Objectives