Skip to main content

Brute force detection

Brute force detection identifies an attempt to guess a user’s password. With brute force detection, the user's account is temporarily disabled after a certain number and frequency of login failures. The user account is disabled for one minute if:

The user enters incorrect credentials twice within a second. This means that someone tries to guess the password programmatically.
The user fails to enter correct credentials 5 times. After the account is disabled, every unsuccessful attempt increases the lock by one minute, up to one hour.

In this section:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.