Manage account lockout threshold policy
To prevent brute-force attacks, a user account is locked for several minutes (default: 2 minutes) after several failed sign-in attempts (default: 5).
You can control these default values using the GUI or the CLI.
Using the GUI, you can set the number of failed attempts until the account is locked and the lockout duration. You can also reset the account lockout threshold policy properties to the default values.
Procedure
1. From the menu, select Configure > Cluster Settings.
2. From the left pane, select Security.
3. In the Account Lockout Threshold Policy section, select Set Account Lockout Policy.
4. In the Set Lockout Policy dialog, do the following:
   - Failed Attempts Until Lockout: Set the number of failed sign-in attempts until lockout, between 2 and 50.
   - Lockout Duration: Set the lockout duration, between 30 seconds and 60 minutes.
5. Select Save.
6. To reset the account lockout threshold policy properties to the default values, select Reset account lockout policy. In the confirmation message, select Yes.
To control the default values, use the following CLI commands:
weka security lockout-config set|show|reset
Command options:
set: Sets the number of failed attempts until the account is locked (--failed-attempts) and the lockout duration (--lockout-duration).
reset: Resets the number of failed attempts until the account is locked and the lockout duration to their default values.
show: Shows the number of failed attempts until the account is locked and the lockout duration.