-
Suggestion
-
Resolution: Unresolved
Information system does not enforce the limit of x number consecutive invalid logon attempts by a user during a defined x minute time period. After x number of consecutive invalid logon attempts, the user account should be locked out for x minute waiting period.
User story: Crucible should enforce the limit of five (5) consecutive invalid logon attempts by a user during a defined fifteen (15) minute time period. After 5 consecutive invalid logon attempts, the user account should be locked out for 15 minutes.
This functionality should work for both internal user directories as well as LDAP connected user directories.
- is related to
-
CRUC-8130 Audit of privileged functions
- Not Being Considered