If enabled, this attribute allows the sharing of login failure attempts in a identity repository that is shared by multiple Access Manager instances. For example, if the identity repository that is used for a specific deployment is Directory Server, the invalid attempts are stored in the sunAMAuthInvalidAttemptsData (which belongs to sunAMAuthAccountLockoutobjectclass). The format of the data is stored as:
<InvalidPassword><InvalidCount></InvalidCount><LastInvalidAt></LastInvalidAt><LockedoutAt></LockedoutAt><ActualLockoutDuration></ActualLockoutDuration></InvalidPassword>
This information is maintained in the Directory Server for each user. As the invalid attempts occur, <InvalidCount> is increased.