Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-37575

Option To Lock User Out Permanently After Maximum Failed Password Attempts

    XMLWordPrintable

Details

    • 2

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion.

      It has come to our attention that certain companies have the security policy to completely lock an account completely, after a certain number of failed password attempts.

      Currently, Confluence allows the user to still login with the correct password after the maximum failed attempts, as long as they enter the correct Captcha.

      We need to allow admins the ability to completely lock the account after a number of failed attempts, something like what this query does:

      UPDATE cwd_user_attribute c JOIN cwd_user u ON c.user_id = u.id SET c.attribute_value = 'true', c.attribute_lower_value = 'true'
WHERE u.user_name = '<username>' AND c.attribute_name = 'requiresPasswordChange';

      Where <username> is the user's username.

      Attachments

        Issue Links

          is related to

          Suggestion - CONFSERVER-37575 Option To Lock User Out Permanently After Maximum Failed Password Attempts

          • Closed

          Activity

            People

              Unassigned Unassigned
              fsim Foo Sim (Inactive)
              Votes:
              3 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: