Locking of user accounts
Authentications can fail for a number of reasons. The most obvious is that the user is not authorized to use the product they are trying to authenticate to. Use of an incorrect user ID, password, OTP, or Digipass authenticator will result in authentication failure, and the offending user account will be locked.
Online authentication
The number of unsuccessful online authentication attempts is limited based on the limit values set in the relevant Digipass Authentication for Windows Logon client component policy. If the number of authentication attempts exceeds the specified limit, the user will be locked.
Configuration
Locking user accounts can be configured via Locking Thresholds in the User tab of the Windows logon policy that is being used.
For more information about policy and user settings, refer to the Administration Web Interface Online Help.
Offline authentication
The maximum number of unsuccessful offline authentication attempts can be set via Active Directory Group Policy, or using a local registry setting. If the number of unsuccessful authentication attempts exceeds the specified limit, the user will be locked.
Configuration
You first need to enable offline authentication via the Offline Authentication tab of the Policy or User details in the Administration Web Interface. The offline authentication threshold is set using the Active Directory Group Policy or local Windows registry settings.
Unlock
An error message will be displayed when a user account has been locked. Follow the instructions provided in User account locking - troubleshooting to unlock the account.
A user must be unlocked by an administrator via the Users tab of the Administration Web Interface.