This topic describes how to configure account lockout policies to ensure system security and prevent account passwords from being cracked by brute force.

Procedure

  1. Log on to the Bastionhost system. For more information, see Log on to Bastionhost.
  2. In the left-side navigation pane, click Users > Authentication Settings.
  3. Configure account lockout policies on the Security Configuration tab.
    Security Configuration tab

    The following table describes the parameters to be configured.

    Parameter Description
    Account Lockout Threshold The number of failed logon attempts that causes an account to be locked.

    Valid values: 0 to 999. Default value: 5. The value 0 indicates that the number of failed logon attempts is not limited.

    Account Lockout Duration The duration within which a locked account cannot be used to log on to the system.

    Valid values: 0 to 10080. Default value: 30. The value 0 indicates that an account is locked until the administrator unlocks the account.

    Reset Account Lockout Counter After The number of minutes that must elapse from the time a user fails to log on before the failed logon attempt counter is reset to 0.

    Valid values: 0 to 10080. Default value: 5.

  4. Click Save.