We are potentially seeing account lock-outs as a result of the vulnerability scan template check ‘Default Account’. The accounts get locked out around the same time every week our scan run.
We are temp disabling the check to see if the next scan still causes the lock-outs.
Additionally, this identifies accounts with default names which ultimately need to be renamed or disabled.
Is anyone else experiencing related lock-outs related to ‘Default Account’ checks?
Since last two weeks we detected such increase of authentication attemps. I opened a support case and this is being investigated but got no answer yet
1 Like
Same, let’s see what the R7 support case uncovers…
We experience this as well but the account lockout only lasts for so long. You have a few options, you can disable the category check all together or if you know specifically which check is locking your accounts you can disable those individually.
1 Like
Default Account checks are not just about checking default passwords, but its also about checking default usernames. Usernames are just as vital a part of the MFA equation as the password, and the only way default account checks are locking out accounts is if you have accounts set up with default usernames.
Our scans would lock out the admin accounts on our AIX machines anytime they were scanned. We ended up going into the scan template and excluding the default account plug-in’s for AS/400’s and that stopped the issue on our AIX boxes (they use the same default ID name).
1 Like
Was there any update from support?