Administrators can lock out CC-SG users and SSH users after a specified number of failed login attempts. You can enable this feature for locally authenticated users, for remotely authenticated users, or for all users.
Note: By default, the admin account is locked out for five minutes after three failed login attempts. For admin, the number of failed login attempts before lockout and after lockout is not configurable.
To enable lockout:
Choose Administration > Security.
Click the Login Settings tab.
Select the Lockout Enabled for Local Users checkbox to enable lockout for users who are locally authenticated. Select the Lockout Enabled for Remote Users checkbox to enable lockout for users who are remotely authenticated.
The default number of Failed Login Attempts before a user is locked out is three. You can change this value by entering a number from 1 to 10.
Choose a Lockout Strategy:
Lockout for Period: specify the period of time, in minutes, the user will be locked out before they can login again. The default number is five minutes. You can specify a period from 1 minute up to 1440 minutes (24 hours). After the time expires, the user can log in again. At any time during the lockout period, an administrator can override this value and allow the user to log back into CC-SG.
Lockout Until Admin Allows Access: users are locked out until an administrator unlocks the user account.
Type an email address in the Lockout Notification Email field. Notification is sent to this email address when lockout has occurred. If the field is blank, notification is not sent. Optional.
Type a phone number in the Administrator's Telephone field. The phone number will appear in the notification email that is sent when lockout occurs. Optional.
Click Update to save your changes.
To disable lockout:
When you disable lockout, all users currently locked out of CC-SG will be allowed to log in.
Choose Administration > Security.
Open the Login Settings tab.
Deselect the Lockout Enabled for Local Users checkbox to disable lockout for locally authenticated users. Deselect the Lockout Enabled for Remote Users checkbox to disable lockout for remotely authenticated users.
