Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-37575

Option To Lock User Out Permanently After Maximum Failed Password Attempts

    XMLWordPrintable

Details

    • 3
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      It has come to our attention that certain companies have the security policy to completely lock an account completely, after a certain number of failed password attempts.

      Currently, Confluence allows the user to still login with the correct password after the maximum failed attempts, as long as they enter the correct Captcha.

      We need to allow admins the ability to completely lock the account after a number of failed attempts, something like what this query does:

      UPDATE cwd_user_attribute c JOIN cwd_user u ON c.user_id = u.id SET c.attribute_value = 'true', c.attribute_lower_value = 'true'
WHERE u.user_name = '<username>' AND c.attribute_name = 'requiresPasswordChange';

      Where <username> is the user's username.

      Attachments

        Issue Links

          relates to

          Suggestion - CONFCLOUD-37575 Option To Lock User Out Permanently After Maximum Failed Password Attempts

          • Gathering Interest
          mentioned in

          Page Loading...

          Activity

            People

              Unassigned Unassigned
              fsim Foo Sim (Inactive)
              Votes:
              5 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: