Brute force detection

Brute force detection identifies an attempt to guess a user’s password. With brute force detection, the user's account is temporarily disabled after a certain number and frequency of login failures. The user account is disabled for one minute if:

  • The user enters incorrect credentials twice within a second. This indicates that someone is trying to guess the password programmatically.

  • The user fails to enter correct credentials 5 times. After the account is disabled, every unsuccessful attempt increases the lock by one minute, up to one hour.

To check if a user's account is disabled by brute force detection, click the on the user in the User management view to open the User details pane. The brute force detection section shows the following information:

Status

Brute force detection status of the user account: "Blocked" (deactivated by brute force detection), or "Unblocked" (active). A user blocked by brute force detection has to wait for up to 1 hour (depending on the number of unsuccessful login attempts) for the account to be unblocked.

Total login attempts

The number of failed login attempts.

Last attempt

The date and time of the last login attempt.

IP address

The IP address from which the last login attempt was made.

To activate a blocked user account, click Unblock and activate. Once unblocked, the user can log in again without waiting for the system to unblock the user after a certain time.
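
The lockout rules and the Unblock action described on this page, modeled as a small state machine. This is an added illustration, not the product's own code, and all names in it are hypothetical. It assumes that the one-minute extension applies to failures made while the account is blocked, that the extended lock is counted from that attempt, and that unblocking resets the failure counter.

```python
from dataclasses import dataclass
from typing import Optional

# Values taken from the rules on this page; all names are hypothetical.
QUICK_WINDOW = 1.0   # two failures within a second
MAX_FAILURES = 5     # failures that trigger a lock
BASE_LOCK = 60.0     # initial lock: one minute
LOCK_STEP = 60.0     # each further failure adds one minute
MAX_LOCK = 3600.0    # lock never exceeds one hour


@dataclass
class Account:
    failures: int = 0
    last_failure: Optional[float] = None
    lock_seconds: float = 0.0
    locked_until: float = 0.0

    def blocked(self, now: float) -> bool:
        return now < self.locked_until


def record_failure(acct: Account, now: float) -> float:
    """Register a failed login at `now` (seconds); return the lock length in force."""
    quick = acct.last_failure is not None and now - acct.last_failure < QUICK_WINDOW
    acct.failures += 1
    acct.last_failure = now
    if acct.blocked(now):
        # Assumption: the extended lock is counted from this attempt.
        acct.lock_seconds = min(acct.lock_seconds + LOCK_STEP, MAX_LOCK)
        acct.locked_until = now + acct.lock_seconds
    elif quick or acct.failures >= MAX_FAILURES:
        acct.lock_seconds = BASE_LOCK
        acct.locked_until = now + BASE_LOCK
    return acct.lock_seconds if acct.blocked(now) else 0.0


def unblock(acct: Account) -> None:
    """Model of the 'Unblock and activate' action (assumed to reset the counter)."""
    acct.failures = 0
    acct.last_failure = None
    acct.lock_seconds = 0.0
    acct.locked_until = 0.0
```

Walking a sequence of failure timestamps through `record_failure` shows when an account would appear as "Blocked" and for how long under these assumptions.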