Configuring Brute Force Detection for the Identity Provider
ULTIMATE
Admins can increase security of the Identity Provider by setting up security defenses such as configuring brute force detection.
Configuring Brute Force Detection
As an admin, you can configure brute force detection policy, which is used for the validation of password-based logins.
To configure the Brute Force Detection, perform the following steps:
Navigate to the Policies page.
Navigate to the Security Defenses tab.
Click on the Edit Button of the Brute Force Detection Panel.
A dialog will appear. Apply the desired changes and click on the Confirm Button.
Brute Force Detection Options
The following table gives an overview of available options for Brute Force Detection:
Option | Description |
|---|---|
Permanent Lockout | Locks the user permanently out when exceeding the maximum of login failures. |
Max Login Failures | How many failures until wait period is triggered. |
Wait Increment (Seconds) | In case the maximum of login failures has been met, this value defines how much time the user shall be locked out. |
Quick Login Check (Milliseconds) | If a failure happens concurrently to quickly, lock out the user. |
Minimum Quick Login Wait (Seconds) | How long the user needs to wait after a quick login failure. |
Max Wait (Seconds) | Maximum time the user shall be locked out. |
Failure Reset Time (Seconds) | Defines when the failure count will reset. |