Failed login attempts more than 3 times does not revoke password
User reports that, they were not able to revoke Operator's password when failed with login attempts more than three times.
As per the out-of-the-box behavior, the Operator's account gets locked for some time, and the user is able to login again.
No error messages.
Steps to Reproduce
1. Enable the security policy OOTB feature of "Enable authentication lockout penalty mechanism"
2. Try to login with more than three attempts with incorrect password. PRPC introduces only a delay but does not revoke the password.
Existing out of the box behavior for "Enable authentication lockout penalty mechanism" only introduces a delay, but does not revoke the password.
Apply HFix-25414. HFix-25414 is provided for the existing Security Policies a new policy to support password lock out is added.
This involves the following Engine and UI changes:
- Extra fields in Security Policies Landing page to support the feature
- New Landing Page to unlock the operator
100% found this useful