Use PingFederate's functionality to customize your account lockout protection settings.
-
Edit the
com.pingidentity.common.security.AccountLockingService.xml
file, located in the
<pf_install>/pingfederate/server/default/data/config-store
directory.
For more information, see the inline comments and the following table.
Property Description MaxConsecutiveFailures The maximum number of failed attempts before a user is locked out for a time period. The default value is
3
.Note:The per-instance setting in the HTML Form Adapter and the Username Token Processor overrides this property.
LockoutPeriod The amount of time in minutes that a user is locked out when the MaxConsecutiveFailures threshold is reached. The default value is
1
minute.If you have a PingFederate clustered environment, edit this file on the console node.
- Save the change.
- Restart PingFederate.
- If you have a PingFederate clustered environment, click Replicate Configuration in System > Server > Cluster Management.