Account lockout is a security feature that, when enabled, applies to all non-SSO users in your system. This feature prevents a user from logging in once they’ve made a number of failed login attempts. You choose the number of attempts that will trigger lockout.
Locking accounts prevents hackers from accessing your system via brute force attack (i.e. attempting access by entering many passwords in succession).
You’ll also be able to choose how long the lockout lasts. One option is to lock the user out indefinitely, and only allow them access after an administrator grants them access.
You can also choose to allow users to break the lockout by resetting their password.
Locked status is not the same as disabled status; locked out users are still enabled.
To enable account locking:
No Limit leaves account lockout disabled; users are never locked out with this setting.
A new Lockout Duration field displays when you change this setting from No Limit.
Choose Forever if you want an administrator to have to enabled locked out users.
If you enable this option, users can select the Forgot your Password or User Name link on the login page.
If a user alerts you that they’ve been locked out, you can unlock their account.
To do this:
At the top of their main user profile page, you’ll see an Account Locked message.
The user should be able to log in to their account now, providing they’re using the correct credentials.
Refer to I forgot my user name / password for information on retrieving credentials.
When a user is locked out, they’ll see a message above the login fields, stating they were locked out, and telling them when they will be allowed access again. If the lockout duration is set to something less than forever, the lockout time remaining will count down in this message.
Yes, a Lock Status field is available in the User Detail report.