diff --git a/bin/hardening/10.1.9_set_fail_delay_seconds.sh b/bin/hardening/10.1.9_set_fail_delay_seconds.sh
index 7451163..16bcb48 100755
--- a/bin/hardening/10.1.9_set_fail_delay_seconds.sh
+++ b/bin/hardening/10.1.9_set_fail_delay_seconds.sh
@@ -60,12 +60,13 @@ apply () {
 crit "$PATTERN is not present in $FILE, add default config to $FILE"
 add_line_file_before_pattern $FILE "auth optional pam_faildelay.so delay=4000000" "# Outputs an issue file prior to each login prompt (Replaces the"
 elif [ $FNRET = 3 ]; then
- crit "$OPTIONNAME set is not match legally, reset it to $CONDT_VAL"
- reset_option_to_password_check $FILE $PAMLIBNAME "$OPTIONNAME" "$CONDT_VAL"
+ crit "$FILE is not exist, please check"
 elif [ $FNRET = 4 ]; then
- crit "444"
- elif [ $FNRET = 5 ]; then
- crit "555555555555"
+ crit "$OPTIONNAME is not conf"
+ add_option_to_auth_check $FILE $PAMLIBNAME "$OPTIONNAME=$CONDT_VAL"
+ elif [ $FNRET = 5 ]; then
+ crit "$OPTIONNAME set is not match legally, reset it to $CONDT_VAL"
+ reset_option_to_auth_check $FILE $PAMLIBNAME "$OPTIONNAME" "$CONDT_VAL"
 fi
 }
diff --git a/lib/utils.sh b/lib/utils.sh
index 0ec1a50..cb4b3d9 100644
--- a/lib/utils.sh
+++ b/lib/utils.sh
@@ -527,6 +527,24 @@ add_option_to_password_check()
 sed -ie "s;\(^password.*$KEYWORD.*\);\1 $OPTIONSTR;" $PAMPWDFILE
 }
+# Add auth check option
+add_option_to_auth_check()
+{
+ #Example:
+ #local PAMPWDFILE="/etc/pam.d/common-password"
+ #local KEYWORD="pam_cracklib.so"
+ #local OPTIONSTR="retry=3"
+ local PAMPWDFILE=$1
+ local KEYWORD=$2
+ local OPTIONSTR=$3
+ debug "Setting $OPTIONSTR for $KEYWORD"
+ backup_file "$PAMPWDFILE"
+ # For example :
+ # password requisite pam_cracklib.so minlen=8 difok=3
+ # password requisite pam_cracklib.so minlen=8 difok=3 retry=3
+ sed -ie "s;\(^auth.*$KEYWORD.*\);\1 $OPTIONSTR;" $PAMPWDFILE
+}
+
+# Reset password check option value when option is not set a correct value
 reset_option_to_password_check()
 {
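Review bot: The two new helper calls on the FNRET=4 and FNRET=5 branches pass `$FILE` and `$PAMLIBNAME` unquoted, so a path or module name containing whitespace or glob characters would be word-split before it reaches the helper; write them as `add_option_to_auth_check "$FILE" "$PAMLIBNAME" "$OPTIONNAME=$CONDT_VAL"` and `reset_option_to_auth_check "$FILE" "$PAMLIBNAME" "$OPTIONNAME" "$CONDT_VAL"`. The FNRET=3 branch now only logs that `$FILE` is missing and then falls through `fi` to the end of apply without creating the file or returning a status, so the run reports a crit while nothing is remediated; if that is intended, a comment such as `# File missing: nothing to patch, only report` would make it explicit. The hunk also re-maps the numeric codes (3 previously meant an illegal value, 5 does now) but the check routine that sets FNRET is not part of this diff, so confirm it was changed in lockstep and consider named constants instead of bare integers. apply() starts before this hunk.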
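Review bot: `sed -ie` on the last line of add_option_to_auth_check is parsed by GNU sed as `-i` with backup suffix `e`, so every run leaves a stray `${PAMPWDFILE}e` beside the real file in /etc/pam.d; `backup_file "$PAMPWDFILE"` already keeps a backup, so use `sed -i -e "s;\(^auth.*$KEYWORD.*\);\1 $OPTIONSTR;" "$PAMPWDFILE"` (the same `-ie` appears in reset_option_to_auth_check in the next hunk, and the pre-existing password variant shown as context). `$KEYWORD` and `$OPTIONSTR` are spliced into the sed program unescaped, so a value containing `;`, `&` or `\` would alter the substitution rather than be appended; the visible caller passes fixed strings, but a header comment stating that arguments must not contain sed metacharacters would keep a later caller from passing externally supplied values. The header comment and both example blocks were copied from the password variant and still describe common-password/pam_cracklib lines; replace them with an auth example such as `# auth optional pam_faildelay.so` becoming `# auth optional pam_faildelay.so delay=4000000`.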
@@ -547,6 +565,26 @@ reset_option_to_password_check()
 sed -ie "s/${OPTIONNAME}=./${OPTIONNAME}=${OPTIONVAL}/" $PAMPWDFILE
 }
+# Reset auth check option value when option is not set a correct value
+reset_option_to_auth_check()
+{
+ #Example:
+ #local PAMPWDFILE="/etc/pam.d/common-password"
+ #local KEYWORD="pam_cracklib.so"
+ #local OPTIONNAME="retry"
+ #local OPTIONVAL="3"
+ local PAMPWDFILE=$1
+ local KEYWORD=$2
+ local OPTIONNAME=$3
+ local OPTIONVAL=$4
+ debug "Setting $OPTION for $KEYWORD reset option value to $OPTIONVAL"
+ backup_file "$PAMPWDFILE"
+ # For example :
+ # password requisite pam_cracklib.so minlen=8 difok=3 retry=1
+ # password requisite pam_cracklib.so minlen=8 difok=3 retry=3
+ sed -ie "s/${OPTIONNAME}=.*/${OPTIONNAME}=${OPTIONVAL}/" $PAMPWDFILE
+}
+
+# Only check option name
 check_auth_option_nullok_by_pam()
 {
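Review bot: The sed expression in reset_option_to_auth_check, `s/${OPTIONNAME}=.*/${OPTIONNAME}=${OPTIONVAL}/`, is greedy to end of line and is not restricted to the `auth` line for `$KEYWORD`, so on a line such as `auth optional pam_faildelay.so delay=1000 debug` (constructed example) it would discard every option after `delay=`, and it would also rewrite a `delay=` belonging to any other module anywhere in the file; anchor it and bound the value with `sed -i -e "/^auth.*$KEYWORD/s/\(${OPTIONNAME}=\)[^[:space:]]*/\1${OPTIONVAL}/" "$PAMPWDFILE"`. The debug line references `$OPTION`, which is never assigned here (the local is `OPTIONNAME`), so the message prints an empty name or aborts under `set -u`; change it to `debug "Setting $OPTIONNAME for $KEYWORD reset option value to $OPTIONVAL"`. The #Example and `# For example` comments were copied from the password variant and still show common-password/pam_cracklib/retry values; adjust them to an auth line. The function begins and ends inside this hunk.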