Actions
User Story #65
open
Epic #62: Security Policies and Credentials Management
Feature #71: Password Security Policies
As an administrator, I want to configure account lockout after failed login attempts
User Story #65:
As an administrator, I want to configure account lockout after failed login attempts
Start date:
02/04/2026
Due date:
% Done:
0%
Estimated time:
Description
Protect against brute force attacks by automatically locking accounts after a specified number of failed login attempts.
Acceptance Criteria:
- Can set number of failed attempts before lockout (e.g., 3-10)
- Can set lockout duration (time-based or manual unlock)
- Can set time window for counting attempts (e.g., 15 minutes)
- Locked users receive clear notification
- Administrators can manually unlock accounts
- Failed attempts are logged for security monitoring
Updated by
Actions