To help protect against events such as common brute force and dictionary attacks, the system will lock out user accounts after five failed login attempts. These accounts will remain locked for 30 minutes. If necessary, an administrator can unlock these user accounts from the administrative web portal.
Unlock LDAP and Active Directory accounts
User accounts that have been imported by an LDAP authentication source, such as Active Directory, should be managed within the original source. The Unlock feature does not support LDAP-imported accounts.
Forgot password page
To prevent account lockouts, users can click the Forgot Password link in the Login page when they are having trouble remembering their login credentials.
The same 30 minute lockout rule applies for users in the Forgot Password page. After five failed reset attempts, users will be locked out for 30 minutes.
Unlock a user account
To unlock a user account:
- In the Organization navigation menu, select the user’s organization. The selected organization displays.
- Click the Accounts tab. The Accounts page displays, listing all existing accounts.
- Find the locked out user account and click the Edit button.
- In the Account Overview section of the Account Settings page, click the Unlock Account button. The user account is now unlocked, and will be able to log back into the system.
- Optionally, you can allow the user to reset his or her password from the Accounts page. Return to the Accounts page and select the checkbox next to the appropriate account.
- With the account selected, click the Send Message button. An Email User dialog box displays, allowing you to compose an email message directly from your web browser.
- Click the Send reset password link checkbox to provide the selected user account with a link to reset his or her password.
- Click the Send button when you are finished.