HI all - its sorted. what I found is imperative is that the tally2 line MUST be the secoind lne in the system-auth and password-auth files, after the "env.so" line all good ian From: Gordon Messmer <gordon.messmer at gmail.com> To: CentOS mailing list <centos at centos.org> Sent: Friday, 17 March 2017, 17:15 Subject: Re: [CentOS] lock out account after 3 failures On 03/17/2017 02:41 AM, Ian Diddams wrote: > I’ve followed this > > > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls Can you send the /etc/pam.d/system-auth that you used for your test? _______________________________________________ CentOS mailing list CentOS at centos.org https://lists.centos.org/mailman/listinfo/centos