Details
Use this setting to restrict the number of failed logon attempts a user can make.
Rationale:
There is a high risk that mobile devices will be lost or stolen. Enforcing this setting reduces the likelihood that an unauthorized user can guess the password of a device to access data stored on it.
Solution
To implement the recommended state, execute the following PowerShell cmdlet:
Set-MobileDeviceMailboxPolicy -Identity Default -MaxPasswordFailedAttempts 10
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.