Articles in this section

See more

Login - Lock Mechanism

Overview

Starting in version 4.2.5, JetPatch implements a login lock mechanism that automatically disables user accounts after multiple failed login attempts within a specified time period. 

The locked accounts will be automatically re-enabled after a configured duration has elapsed.

Lock Mechanism Details

  1. If a certain number of login attempts happen within a certain duration, the system disables the user
  2. The account will become enabled automatically after a long period of time if disabled by lockout

Configuration

Set parameters in the Intigua.Properties file:

# number of failure attempts until locking

system.login.lock.num-attempts=5

# period of time for the failures to occur in order to lock the account

system.login.lock.failure-check.duration.min=5

# automatically unlock after the period

system.login.lock.duration.min=600

Configuration Parameters

  • system.login.lock.num-attempts: 
    • Number of failed login attempts before the account is locked (default: 5)
  • system.login.lock.failure-check.duration.min: 
    • Time window in minutes during which failed attempts are counted (default: 5 minutes)
  • system.login.lock.duration.min: 
    • Duration in minutes for which the account remains locked before automatic unlock (default: 600 minutes/10 hours)

Related articles

Comments

0 comments

Please sign in to leave a comment.