Configuring Brute Force Detection for the Identity Provider
ULTIMATE
Feature Deprecation
Please note that the Policies feature, including the Brute Force Detection Policy Configruation, was deprecated in qibb v1.43.0 and will be removed in qibb v1.45.0.
Functionality will be replaced by a custom configuration request via our service desk (Ultimate subscription required). Ultimate customers can request login and policy configuration through a support ticket. Otherwise, default configuration will apply based on industry best practices.
Admins can increase security of the Identity Provider by setting up security defenses such as configuring brute force detection.
Brute Force Detection Options
The following table gives an overview of available options for Brute Force Detection:
Option | Description |
|---|---|
Permanent Lockout | Locks the user permanently out when exceeding the maximum of login failures. |
Max Login Failures | How many failures until wait period is triggered. |
Wait Increment (Seconds) | In case the maximum of login failures has been met, this value defines how much time the user shall be locked out. |
Quick Login Check (Milliseconds) | If a failure happens concurrently to quickly, lock out the user. |
Minimum Quick Login Wait (Seconds) | How long the user needs to wait after a quick login failure. |
Max Wait (Seconds) | Maximum time the user shall be locked out. |
Failure Reset Time (Seconds) | Defines when the failure count will reset. |