Configuring account lockout protection - PingFederate - 11.0

PingFederate Server

bundle
pingfederate-110
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.0
category
Product
pf-110
pingfederate
ContentType_ce

Use PingFederate's functionality to customize your account lockout protection settings.

  1. Edit the com.pingidentity.common.security.AccountLockingService.xml file, located in the <pf_install>/pingfederate/server/default/data/config-store directory.

    For more information, see the inline comments and the following table.

    Property Description
    MaxConsecutiveFailures The maximum number of failed attempts before a user is locked out for a time period.

    The default value is 3.

    Note:

    The per-instance setting in the HTML Form Adapter and the Username Token Processor overrides this property.

    LockoutPeriod The amount of time in minutes that a user is locked out when the MaxConsecutiveFailures threshold is reached.

    The default value is 1 minute.

    If you have a PingFederate clustered environment, edit this file on the console node.

  2. Save the change.
  3. Restart PingFederate.
  4. If you have a PingFederate clustered environment, click Replicate Configuration in System > Server > Cluster Management.