Login Limit
The Login Limit defines the number of failed attempts allowed before a user account is disabled or locked for a specified time. When a user attempts to login and fails (because of an incorrect password), each attempt counts against the Login Limit. When the Login Limit is achieved, the account is disabled or locked for a specified time, according to the parameters set in in the Account Lockout Duration field. The Login Limit is defined in Password Policies.
Users that have the Manage Company Capabilities permission can : - Enable and specify the Login Limit
- Track all invalid login attempts in the Audit Logs
- Reactivate the locked/disabled user account
To specify the Login Limit:
- Click Settings > Administration > Password Policies
- Click the [Edit] button
- Choose an option in the Account Lockout Threshold field from this list of options:
- No Limit
- 3 failed tries
- 4 failed tries
- 5 failed tries (default)
- 6 failed tries
- 7 failed tries
- 8 failed tries
- 9 failed tries
- 10 failed tries
To track all Invalid Login Attempts, see the Audit Log.
Reactivation
To reactivate a locked or disabled user account:
- Click Settings > Administration > User
- Select the user account of interest
- Click the [Edit] button
- Click the Active checkbox
icon - Click [Save]
Users Excluded from Password Expiration
By default, no user is exempt from the Password Policy, although it is possible to specify that a User be Excluded from the Password Expiration Policy.