Werk #7090: Automatically lock users after 10 subsequent logon failures
Component | User interface | ||
Title | Automatically lock users after 10 subsequent logon failures | ||
Date | Feb 18, 2019 | ||
Level | Trivial Change | ||
Class | Security Fix | ||
Compatibility | Compatible - no manual interaction needed | ||
Checkmk versions & editions |
|
Sites created with Check_MK 1.6 will be configured to automatically lock user accounts that fail to log in 10 times in a row. Existing sites will not be affected by this change.
Check_MK already had the option to configure this feature for a long time. It can be customized using the global setting "Lock user accounts after N logon failures". If you have configured this in your setup, your setting is left untouched.
To unlock automatically locked users, you need to login as administrative user and disable the option "Disable password" for this user. In case your administrative account was locked out, you will have to reset the password of your account (using htpasswd -m ~/etc/htpasswd [user-id]).