Temporary locking

Temporary locking is a feature that forces the end user to wait for an increasing time period between successive failed login attempts in order to render brute force attacks impractical while keeping help desk efforts low. Accounts are not permanently locked (unless a failed logins threshold - see above - is exceeded).

Note that temporary locking is not available when using MSAD as sole persistence layer. See Microsoft Active Directory (MSAD) for Airlock IAM for resulting limitations.

Chapter content