As a security measure, the customer wants to set a custom timeout for the "auto unlock" feature, related to the user accounts that have become locked due to multiple failed attempts to log in. This needs to be done in order to force the users to acknowledge that their account has been locked, as the DNN standard is to prevent the users from accessing the system for only 10 minutes, releasing the access right after this time window.
Step by Step
The auto unlock feature can be adjusted to the customer's needs by following these steps below:
1. Go to Persona-bar > Settings > Security > More > More Security Settings
2. Change the property Auto-Unlock Accounts After (Minutes) to the desired duration (in minutes) that the user account must remain locked due to the multiple failed access attempts.
Note: Set the duration to 0 (zero) in order to deactivate auto-unlock for the user accounts. This way, the user account can only be manually unlocked by an administrator.
3. Hit Save button to confirm the change.
4. Validate that the user accounts respect the new time window by locking an account with multiple password attempts and checking how long it takes to become unlocked. In case it is set to not unlock (zero minutes), please follow up for a few hours to confirm it really remains locked on a longer period.
Content Author: Hamid Waqas