STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 6 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide

V-282731

CAT III (Low)

TOSS 5 must display the date and time of the last successful account logon upon user logon.

Rule ID

SV-282731r1201173_rule

STIG

Tri-Lab Operating System Stack (TOSS) 5 Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000366

Discussion

Users must be aware of activity that occurs regarding their account. Providing users with information regarding the number of unsuccessful attempts that were made to login to their account allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators.

Check Content

Verify users are provided with feedback on when account accesses last occurred using the following command:

$ sudo grep pam_lastlog /etc/pam.d/postlogin

session required pam_lastlog.so showfailed

If "pam_lastlog" is missing from "/etc/pam.d/postlogin" file, or the silent option is present, this is a finding.

Fix Text

Configure TOSS 5 to provide users with feedback on when account accesses last occurred by setting the required configuration options in "/etc/pam.d/postlogin". 

Add the following line to the top of "/etc/pam.d/postlogin":

session required pam_lastlog.so showfailed