000030337 - IMG - How to configure login lockout settings

Document created by RSA Customer Support Employee on Jun 14, 2016
Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2

Article Content

Article Number: 000030337
Applies To: 6.8+
Part of the Password Management module
Issue: As part of the Password Management module, IMG is able to regulate user login attempts and lock out accounts that fail multiple times in a row. These settings default to 3 attempts and a 15-minute lockout window for the account. These settings can be changed to meet a customer's security needs.
Resolution: As a user with admin privileges, log in to the product and navigate to Admin->System->Security->Edit. The settings for account lockout are under the first header. You can numerically define a value for each setting, or choose unlimited, which functionally disables lockouts.
Notes: When a user gets locked out, subsequent login attempts will result in the following error: "Maximum unsuccessful login attempts exceeded. You may try again at (local time + X minutes)." Login attempts on a locked account do not reset the lockout period, so the unlock time is always X minutes after the attempt that locked the account.
Admin errors are generated when users are locked out.
Successful logins are logged in the T_AV_USER_CHANGES_LOG table. However, unsuccessful attempts are not. This table also tracks Logouts, Role Changes, and Entitlement Changes.
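
The lockout behaviour described in the Notes, modelled as a small state machine to show that retries during a lockout do not move the unlock time. This is an added example, not RSA or IMG code: the class and function names are hypothetical, the timeline is constructed, and it assumes the failure counter restarts once a lockout expires and that None stands for the unlimited attempts setting.

```python
from datetime import datetime, timedelta


class LockoutPolicy:
    """Model of the documented lockout rules (hypothetical, not product code)."""

    def __init__(self, max_attempts=3, lockout_minutes=15):
        # Defaults mirror the article: 3 attempts, 15-minute lockout.
        self.max_attempts = max_attempts  # None = unlimited, lockouts disabled
        self.lockout = timedelta(minutes=lockout_minutes)
        self.failures = 0
        self.locked_until = None

    def attempt(self, now, password_ok):
        """Return 'ok', 'failed' or 'locked' for one login attempt at `now`."""
        if self.locked_until is not None:
            if now < self.locked_until:
                # Rejected even with the right password; the unlock time
                # is NOT extended by attempts made while locked.
                return "locked"
            # Assumption: the counter starts over when the lockout expires.
            self.locked_until, self.failures = None, 0
        if password_ok:
            self.failures = 0  # lockout counts failures "in a row"
            return "ok"
        self.failures += 1
        if self.max_attempts is not None and self.failures >= self.max_attempts:
            # Unlock time is fixed relative to the attempt that caused the lock.
            self.locked_until = now + self.lockout
        return "failed"


def replay(policy, start, events):
    """Apply (minute_offset, password_ok) events and return each result."""
    return [policy.attempt(start + timedelta(minutes=m), ok) for m, ok in events]


# Constructed timeline: three bad passwords, then retries during and after
# the lockout window.
START = datetime(2017, 4, 21, 9, 0)
EVENTS = [(0, False), (1, False), (2, False), (5, True), (16, True), (17, True)]

if __name__ == "__main__":
    policy = LockoutPolicy()
    for (minute, ok), result in zip(EVENTS, replay(policy, START, EVENTS)):
        print(f"t+{minute:>2} min  password_ok={ok!s:<5}  ->  {result}")
```
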