security
security.accountLockoutPolicy
Specifies conditions for account lockout
security:
accountLockoutPolicy:
# Lockout account after 10 failed logins for 15 minutes, reset counter after 30 minutes
threshold: 10
lockoutDurationSeconds: 900
resetCounterPeriodSeconds: 1800
security.accountLockoutPolicy.threshold
number = 10
Number of unsuccessful login attempts after which account will be locked out. Set to 0
to disable.
security.accountLockoutPolicy.lockoutDurationSeconds
number = 900
(15 minutes)
Time period in seconds a locked-out account remains locked out before automatically becoming unlocked.
security.accountLockoutPolicy.resetCounterPeriodSeconds
number = lockoutDurationSeconds
Time period in seconds following last unsuccessful login after which the lockout counter will be set back to zero.
Must be same or greater than lockoutDurationSeconds
. If no value is specified then lockoutDurationSeconds
value is used.