We may have to implement stronger authentication controls on our servers. Specifically, account lock out after a number of failed attempts, and password expiry. Is DSS v6 capable of these or would the best approach be to employ directory services?

Thanks.