To manage lockouts please check our documentation here (lockout presentation) and here (lockout - advanced settings).


TSplus Remote Access prevents brute-force attacks by locking accounts after repeated failed attempts to login through the Portal.
By default, the lockout feature uses the following parameters:



ParameterDescriptionDefault value
LockoutActivatedDefines if the Lockout feature is activated. The Lockout feature can be disabled by setting this parameter to false. Possible values are: true, false.true
LockoutIntervalSpecifies the allowable interval of time between failed login attempts. In seconds.600
LockoutLimitDefines the number of allowed failed attempts before the account is locked out.10
LockoutPeriodSpecifies the amount of time an account is locked out and unable to login. In seconds.1800


These settings are available in the admin tool / expert mode / advanced / lockout : 



For larger deployments that use scripted management tools, these parameters can be overridden by editing the configuration file hb.exe.config located in <TSplus setup directory>\Clients\www\cgi-bin directory. In the appSettings node of the document, the parameter key may be set to a different value. The change are effective once the hb.exe.config file is saved.


For example, see the following configuration for disabling the lockout feature:


<appSettings>

<add key="LockoutActivated" value="false" />
<add key="LockoutInterval" value="600" />
<add key="LockoutLimit" value="10" />
<add key="LockoutPeriod" value="1800" />

</appSettings>


Note: The period of time a user is locked out is the greatest value between LockoutPeriod and LockoutInterval settings. Therefore, when changing LockoutPeriod's value, one should update the LockoutInterval setting with a smaller value to ensure a relevant behavior.