> AquaLogic Interaction Administrator Guide > Managing Portal Users and Groups > About Users > Locking and Unlocking User Accounts > Automatically Locking User Accounts

AquaLogic Interaction Administrator Guide

     Previous Next  Open TOC in new window   View as PDF - New Window  Get Adobe Reader - New Window
Content starts here

Automatically Locking User Accounts

You can automatically lock user accounts based on failed login attempts.

  1. Click Administration.
  2. In the Select Utility drop-down list, click Portal Settings.
  3. On the User Settings Manager page, enable account locking and specify how long failed logins are tracked, the total number of failed logins required before an account will be locked, and the number of minutes for which automatically locked accounts remain locked. Your individual security needs will determine what settings to use for automatic account locking. For example, to meet a strength of password function rating of SOF-basic as defined in the Common Criteria for Information Technology Security Evaluation, Version 2.3, August 2005 (found at http://niap.bahialab.com/cc-scheme/cc_docs/), you might set the following values:
    • Minutes to track failed Logins: 60 minutes or more
    • Number of failed Login attempts allowed: 5 or fewer
    • Minutes to keep user account locked: 60 minutes or more
Parent topic: Locking and Unlocking User Accounts

  Back to Top      Previous Next