Hi ,
Once user enters wrong credenatils more than 7 times , user got blocked untill 60 mins. This is outsystems default locking mechanism. Currently If I am trying to login from another IP , I am able to login.
Please advice that, how to block a user from all IP address when account blocked untill 60 mins. Thanks in advance!
Regards,
Mahesh
Hi Mahesh,
I assume you are referring to blocking application users and not IT users, correct?
Please check to following documentation on how to configure brute force protection for application users.
You'll find there is a Site Property called EnableBruteForceProtectionPerIP which you can set to False to disable IP-level blocking of users.
Hope this helps.
Nordin
Hi Nordin, Thanks for your reply.
Just one clarification: If we make the change EnableBruteForceProtectionPerIP to False, Can blocked user login from any other IP address untill blocking period like 60min ?
Setting EnableBruteForceProtectionPerIP to False and leaving EnableBruteForceProtection set to True should NOT allow blocked users to login from any IP address.
Hi Nordin,
Thank you very much for your clarification .
Best Regards,