Assuming a user is locked (too many login failures) and the unlock self-service feature is turned on.
- Assumptions
- The user account is locked because of too many login failures.
- The unlock self-service is enabled in the configuration.
- The user is allowed to unlock the account (one or more unlock attempts are left).
- Sample screen flow (details depend on the configuration):
- The user is asked to unlock or order a new password letter.
- The user has to provide the 2nd authentication factor (mTAN/SMS in this example).
- The user account is now unlocked and the user may try to log in again.
![61725910.png](../media/03_Media/Screenshots/IAM/Loginapp/61725910.png.theme/1.0.2/en-us.61725910.png_html.png)
![61725911.png](../media/03_Media/Screenshots/IAM/Loginapp/61725911.png.theme/1.0.2/en-us.61725911.png_html.png)
![61725912.png](../media/03_Media/Screenshots/IAM/Loginapp/61725912.png.theme/1.0.2/en-us.61725912.png_html.png)
If the user exceeds the number of allowed unlock attempts (typically 2 or 3), the account is locked without the possibility to self-unlock it again.