Navigate

AC-7(3)

AC-7(3): Biometric Attempt Limiting

Limit the number of unsuccessful biometric logon attempts to [the number of unsuccessful biometric logon attempts is defined;].

Supplemental

Biometrics are probabilistic in nature. The ability to successfully authenticate can be impacted by many factors, including matching performance and presentation attack detection mechanisms. Organizations select the appropriate number of attempts for users based on organizationally-defined factors.

CIA Levels
Confidentiality	unknown
Integrity	unknown
Availability	unknown

Overlays
None

CSF Categories
None

Related Controls

The controls below (if any) were marked by NIST as being related to AC-7(3).

Control	Description
IA-3	Uniquely identify and authenticate [devices and/or types of devices to be uniquely identified and authenticated before establishing a connection are defined;] before establishing a [one or more of "local"/"remote"/"network"] connection.

Enhancements

The controls below (if any) add on to the requirements of AC-7(3).

Control	Description
No controls

Related CCIs

The CCIs below are tied to AC-7(3).

CCI	Definition
CCI-003687	Limit the number of unsuccessful biometric logon attempts to an organization-defined number.
CCI-003688	Defines the number of allowed unsuccessful biometric logon attempts.