We have an AM 8.4 integrated with Cloud Authentication Service.
We have defined in the AM a lockout policy for all users that allows automatic unlock after 15 minutes. But we've noticed this policy is not applied to users using MFA, they stay locked and must be manually unlocked through AM console.
Is there a way to apply a lockout policy for the MFA authentications?
- Authentication Manager
- Cloud Auth
- Cloud Authentication
- Cloud Authentication Service
- Community Thread
- Forum Thread
- RSA SecurID
- RSA SecurID Access
Yes, we have lockout policies configured there, but we've noticed they're not applying.
The situation is this: we are using the Approve method to authenticate a VPN with Cisco Anyconnect and a Cisco ASA as VPN concentrator. The ASA has an authentication timeout and if the user doesn't approve the authentication before the timeout, the Authenticate app enters a loop, asking again and again for approves... till the user ends locked. And stays unlocked until we manually unlock him/her.
Thanks for your help. After reviewing and testing now (I think) I know what's happening.
Approve method doesn't get locked, is the Authenticate tokencode. I was confused with the password lockout and I thought it was applicable also to the Authenticate tokencode.
But as far as I can see, there's no way to apply an automatic lockout to the Authenticate tokencode, only the retries till it gets locked. Is that correct?