CloudPortal Business Manager an implement an account lockout to prevent unauthorized or invalid access. You can configure account security settings and specify the number of failed login attempts before a user account gets locked and the number of failed login attempts before a CAPTCHA challenge has to be met for every additional login attempt. CAPTCHA challenges are issued to prevent unauthorized login attempts by automated or malicious software. This prevents brute force attacks.
You can specify values for the logins.lockThreshold and logins.captchaThreshold properties. The logins.lockThreshold property determines the number of failed login attempts after which a customer's account is locked. After customers cross the number of login attempts indicated by this property, their account gets locked. They have to request for a reset of the password and unlock their user account.
The logins.captchaThreshold property determines the number of failed login attempts that customers are allowed before the sign in process requires a CAPTCHA challenge to be met. After customers have crossed the number of login attempts indicated by this threshold, they will be required to satisfy a CAPTCHA challenge for every additional login attempt. If they fail to clear the CAPTCHA challenge, the login will not proceed.