Setting Account Locking Parameters
As an administrator, you can choose to lock accounts after a certain number of failed login attempts to prevent brute force attacks and you can determine the length of time an account remains locked if you do not want to manually unlock locked accounts. A failed login attempt is either a mis-typed password, or following failed login attempts, a mis-typed Captcha.
Procedure
- Log in to the Administration Console and select the Authentication node.
- Check the checkbox to the left of the Account locks after # failed login attempts field.
- Type in the required value or click on the up/down arrows to set the number of failed login attempts.
- Enter the hours or minutes for which an account will be locked out in the Lock duration field.
- Click Apply.