security

security.accountLockoutPolicy

Specifies conditions for account lockout

security:
  accountLockoutPolicy:
    # Lockout account after 10 failed logins for 15 minutes, reset counter after 30 minutes
    threshold: 10
    lockoutDurationSeconds: 900
    resetCounterPeriodSeconds: 1800

security.accountLockoutPolicy.threshold

number = 10

Number of unsuccessful login attempts after which account will be locked out. Set to 0 to disable.

security.accountLockoutPolicy.lockoutDurationSeconds

number = 900 (15 minutes)

Time period in seconds a locked-out account remains locked out before automatically becoming unlocked.

security.accountLockoutPolicy.resetCounterPeriodSeconds

number = lockoutDurationSeconds

Time period in seconds following last unsuccessful login after which the lockout counter will be set back to zero. Must be same or greater than lockoutDurationSeconds. If no value is specified then lockoutDurationSeconds value is used.

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.