diff --git a/roles/os_hardening/templates/usr/share/pam-configs/pam_faillock.j2 b/roles/os_hardening/templates/usr/share/pam-configs/pam_faillock.j2
index f9ee4bb2..29a47369 100644
--- a/roles/os_hardening/templates/usr/share/pam-configs/pam_faillock.j2
+++ b/roles/os_hardening/templates/usr/share/pam-configs/pam_faillock.j2
@@ -2,7 +2,7 @@
 # Generated by Ansible role {{ ansible_role_name }}
 
 Name: faillock boilerplate
-Default: no
+Default: yes
 Priority: 1024
 Auth-Type: Primary
 Auth:
diff --git a/roles/os_hardening/templates/usr/share/pam-configs/pam_faillock_authfail.j2 b/roles/os_hardening/templates/usr/share/pam-configs/pam_faillock_authfail.j2
index e239134d..eda4c393 100644
--- a/roles/os_hardening/templates/usr/share/pam-configs/pam_faillock_authfail.j2
+++ b/roles/os_hardening/templates/usr/share/pam-configs/pam_faillock_authfail.j2
@@ -2,7 +2,7 @@
 # Generated by Ansible role {{ ansible_role_name }}
 
 Name: faillock lockout after failed attempts enforcement
-Default: no
+Default: yes
 Priority: 0
 Auth-Type: Primary
 Auth: