Locking Out User After Failed Login AttemptsLast Updated: 12/03/2015 Introduced in Verision: 2.0 |
Users can be locked out of the portal after a number of failed login attempts. To set the number of login attempts to accept, open the Edit Portal Settings pop-up, select the Enable Account Lockout checkbox and fill in the Lockout After Number Of Attempts field. To reset a user’s number of attempts, select their account in the System > Security > Accounts folder and, in its Action menu, select Reset Number of Attempts.
Example
In our example, we will set the number of attempts a user may make to login, and then reset the number of attempts for a user who has been locked out.
Begin in the System > Settings folder. Select Portal Settings and, in its Action menu, select Edit Portal Settings.
In the resulting Edit Portal Settings pop-up, under the Password Settings section, select the Enable Account Lockout checkbox. When we do so, the Lockout After Number Of Attempts field will appear below. Enter the number “3”.
Next, logout of the portal and attempt to login three times as the user test@example.com with an invalid password.
After the third attempt, the login page will show the message: “Max Number Of Attempts Reached”. Attempts to login with either a valid or invalid password will fail until the maximum number has been reset for test@example.com.
To reset this user’s number of allowed failed login attempts, login as the Admin user. Navigate to System > Security > Accounts and select test@example.com. In its Action menu, select Reset Number Of Attempts.
A pop-up will asks us to confirm that we would like to reactivate this account. We will click Yes.
When we logout and again attempt to login as test@example.com with an invalid password, notice the Invalid User/Password error.
When we attempt to login as test@example.com with a valid password, we will be taken to the portal.
Need more help with:
Locking Out the User After Failed Login Attempts?