Product Documentation

Configuring account lockout settings

Dec 22, 2015

CloudPortal Business Manager an implement an account lockout to prevent unauthorized or invalid access. You can configure account security settings and specify the number of failed login attempts before a user account gets locked and the number of failed login attempts before a CAPTCHA challenge has to be met for every additional login attempt. CAPTCHA challenges are issued to prevent unauthorized login attempts by automated or malicious software. This prevents brute force attacks.

You can specify values for the logins.lockThreshold and logins.captchaThreshold properties. The logins.lockThreshold property determines the number of failed login attempts after which a customer's account is locked. After customers cross the number of login attempts indicated by this property, their account gets locked. They have to request for a reset of the password and unlock their user account.

The logins.captchaThreshold property determines the number of failed login attempts that customers are allowed before the sign in process requires a CAPTCHA challenge to be met. After customers have crossed the number of login attempts indicated by this threshold, they will be required to satisfy a CAPTCHA challenge for every additional login attempt. If they fail to clear the CAPTCHA challenge, the login will not proceed.

  1. Log in to CloudPortal Business Manager UI as Root user
  2. Click the drop-down menu icon in the top right corner next to ROOT USER, and then click Administration
  3. Click Account Management
  4. In the Security pane, click Configure, and then click Edit
  5. Specify the values for logins.lockThreshold and logins.captchaThreshold
  6. Click Save to save your changes and then click Close to close the dialog box.