User-Lockout

The users with administrator privileges can disable a user account by setting the User lockout parameter. When the user is locked out during an active session, the authentication information stored in the cache is used for the session till the user logs out. The next time the user attempts to log into the node, access is denied.

User-Lockout is usually done to prevent password guessing, unauthorized access to node.

Administrator needs to configure the following parameters to the node:

• Max Invalid Login attempts: The maximum invalid login attempts, after which the user would get locked out.
• Lockout Time: Time duration during which the locked users cannot connect to node. During this lockout time, the authorized users even cannot connect to node. After the lockout time expires, the user authentication would proceed as normal.

NOTE: In User lockout feature RADIUS users with ADMIN privilege can be locked through debug interfaces, namely telnet, ssh, and ftp. The RADIUS user created with same name as LOCAL user will not be locked out if the LOCAL user is an ADMIN user.