-
Task
-
Resolution: Fixed
-
Neutral
-
None
-
None
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
MAGNOLIA-3557 is a new security feature that locks an account out after a number of failed login attempts. This feature is available starting with Magnolia 4.4.3 and needs to be documented.
The feature is configurable in /server/security/userManagers and works for SystemUserManager and MgnlUserManager classes. Maximum number of attempts that triggers a lockout is 5 by default. Value 0 disables the function. Lockout is implemented by setting the user.enabled property to false. A lock can be removed by an administrator by enabling the user again in the user edit dialog (checkbox)
Document in:
- caused by
-
MAGNOLIA-3557 Implement automatic account lockout after a number of failed log-ins
- Closed
- is related to
-
MAGNOLIA-3671 User locked under heavy load.
- Closed