AC-7(3): Biometric Attempt Limiting

Control Family:

Access Control

Threats Addressed:

Baselines:

(Not part of any baseline)

Control is new to this version of the control set.

Control Statement

Limit the number of unsuccessful biometric logon attempts to [Assignment: organization-defined number].

Supplemental Guidance

Biometrics are probabilistic in nature. The ability to successfully authenticate can be impacted by many factors, including matching performance and presentation attack detection mechanisms. Organizations select the appropriate number of attempts for users based on organizationally-defined factors.