BriteCore provides settings to manage account lockout after a certain number of failed login attempts. These settings ensure account security while providing flexibility for administrators to define lockout durations and thresholds.
Steps to Configure Lockout Settings:
-
Log in as an Admin.
-
Navigate to Settings >> Advanced >> login.
-
Configure the following settings:
- pass-attempts: Enter the maximum number of failed password attempts allowed before locking out a user.
- freeze-minutes: Specify the number of minutes a user account remains locked after reaching the maximum number of failed login attempts.
-
Save the settings.
How It Works:
- If a user exceeds the allowed number of failed login attempts (as defined by pass-attempts), their account is locked.
- The user receives a notification indicating that the account is locked.
- The account lockout duration is governed by the freeze-minutes setting. After this period, the user can attempt to log in again.
- If no lockout is in effect, the system returns a value of None for the lockout status.