To manage lockouts please check our documentation here (lockout presentation) and here (lockout - advanced settings).
TSplus Remote Access prevents brute-force attacks by locking accounts after repeated failed attempts to login through the Portal.
By default, the lockout feature uses the following parameters:
| Parameter | Description | Default value |
| LockoutActivated | Defines if the Lockout feature is activated. The Lockout feature can be disabled by setting this parameter to false. Possible values are: true, false. | true |
| LockoutInterval | Specifies the allowable interval of time between failed login attempts. In seconds. | 600 |
| LockoutLimit | Defines the number of allowed failed attempts before the account is locked out. | 10 |
| LockoutPeriod | Specifies the amount of time an account is locked out and unable to login. In seconds. | 1800 |
These settings are available in the admin tool / expert mode / advanced / lockout :
For larger deployments that use scripted management tools, these parameters can be overridden by editing the configuration file hb.exe.config located in <TSplus setup directory>\Clients\www\cgi-bin directory. In the appSettings node of the document, the parameter key may be set to a different value. The change are effective once the hb.exe.config file is saved.
For example, see the following configuration for disabling the lockout feature:
<appSettings>
<add key="LockoutActivated" value="false" />
<add key="LockoutInterval" value="600" />
<add key="LockoutLimit" value="10" />
<add key="LockoutPeriod" value="1800" />
</appSettings>
Note: The period of time a user is locked out is the greatest value between LockoutPeriod and LockoutInterval settings. Therefore, when changing LockoutPeriod's value, one should update the LockoutInterval setting with a smaller value to ensure a relevant behavior.