Details
-
New Feature
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
Limit the number of login attempts to N times where N is a configurable value under system/configurations.
To do:
- Add ability to set maximum login retries as a global configuration
- Check maximum login times and lock account if exceeded
Notes:
- The global configuration should allow user to turn it on/off
- The global configuration should allow user to set maximum retries value
- Failed logins will set the failed login attempts value and increase it by 1 until max retries have been reached as set in the global configuration
- Successful login resets the failed login attempts to zero. For example, a user has tried and failed to login 2 times but succeeds on the third. On this third attempt, the failed login value is set to zero.
- Add this to permissions list to allow granting the same to qualified roles
- Add tests to allow test automation
- Add documentation to allow autogeneration by swagger docs