Versions Compared

Old Version 3

changes.mady.by.user user-b438a

Saved on

compared with

New Version Current

changes.mady.by.user Documenter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


...

Excerpt
hiddentrue

Limit the number of failed

...

login attempts, locking out the user for a certain period of time.


Admin users can configure lockout settings for Website users. Maximum number of failed logins, maximum retry time, and the lockout period can be set.  If a user does not enter the correct password with the maximum failed login allowed, they will be locked out and cannot retry for a certain period. Admin users can unlock a locked user immediately in the CMS.

Image Added 



Step-by-step guide

...


...

To set Lockout Settings:

...

  1. In the CMS, go to Settings → Feature Management → User.

  2. Ensure User Accounts is toggled ON and click Configure.
    Image Added

  3. Scroll down to Lockout Settings.
    Image Added

  4. In Login Max Retry Count, enter the number of times a user can key in type an incorrect password .
  5. To update the retry count, change the number in the box then scroll to the bottom of the page and click the Update button

 

...

  1. before being locked out. Default: 3 times; 0 = unlimited number of tries.

  2. In Login Max Retry Time, enter the time period (in seconds)

...

If the user attempts the maximimum number of login attempts within the time period they will then be locked out for the time period (in seconds) indicated by the field Login failed login lockout time (default 30 seconds)

...

  1. within which the number of failed login attempts are counted towards a lockout. Default: 0 = 60 seconds. 

  2. In Login Failed Lockout Time, enter the time period a user will be locked out for. Default: 0 = 30 seconds.

  3. When you have finished editing, click Save or Save & Exit.


Unlock a Locked User

Admin users can unlock a locked user immediately. This will bypass the Failed Login Lockout Time set.


  1. Go to UsersWebsite Users.

  2. Use the Search tool to find the user. A locked user will have an 'Unlock' button in their row. 

    Image Added
  3. Click the Unlock button. The User will be unlocked immediately. NOTE - This Unlock button will still display if the lockout period has passed and the user has not re-logged in. 
Tip

The Unlock button is also displayed in the User's Edit User page. 


Related help

Content by Label
showLabelsfalse
max5
spacesKB
showSpaceDRAFTfalse
sortmodified
showSpacefalse
reversetrue
typepage
cqllabel in ("fail","login","user","retry","lockout") and type = "page" and space = "KB"
labelsuser login fail retry lockout