Skip to main content

Account Lock Settings

info
Particular to vendor owners' roles

The Account Lock Settings module allows Vendor to define and manage how user accounts are locked due to security violations (such as repeated failed login attempts) and how they are unlocked. This enhances security and protects against unauthorized access.

Accoun_Lock_Settings

Account Lock Configuration

Prevent unauthorized access by locking user accounts after a specific number of failed login attempts.

  1. Go to Lock & Unlock Configuration tab.

The Lock & Unlock Configuration screen appears as shown below

Accoun_Lock_Settings

  1. Enter Maximum Failed Login Attempts between 4 and 10.
info

If the toggle button is disabled (turned off) in the Account Lock Settings, it means that the respective configuration is inactive or not applied.

  1. Click Save.

On saving, the confirmation message appears as shown below.

On the login page, if incorrect credentials are entered repeatedly, the Too many failed attempts screen will appear as shown below.

Accoun_Lock_Settings

Account Unlock Configuration

info

Vendor can configure three ways to unlock locked user accounts:

  1. Auto Unlock Configuration.
  2. Self Unlock Configuration.
  3. Admin Unlock on Request.

Auto Unlock Configuration

Automatically unlocks the account after a predefined time.

  1. Click on Auto Unlock Configuration dropdown.

Accoun_Lock_Settings

  1. Enter a Lock Duration between 15 and 120 minutes.

  2. Click Save.

On saving, the confirmation message appears as shown below.

Self Unlock Configuration

Allows users to unlock their accounts without admin help.

info

Two methods:

  1. Email with unlock link
  2. OTP - based validation (email or mobile number)

If vendor selects the Self Unlock Configuration as Email with unlock link:

  1. Click on Self Unlock Configuration dropdown.

Accoun_Lock_Settings

  1. Enter Link Validity Period between 30 and 120 minutes.

  2. Click Save.

On saving, the confirmation message appears as shown below.

If vendor selects the Self Unlock Configuration as OTP - based validation:

  1. Click OTP - based validation (email or mobile number) radio button.
info

There are three types of OTP Delivery Methods available:

  1. SMS
  2. Email
  3. Both

Example Use Case: Both

Accoun_Lock_Settings

  1. Select OTP Delivery Method from the dropdown.

  2. Enter Maximum Failure Validation Limit between 3 and 8.

  3. Enter Email OTP Expiry Time between 5 and 30 minutes.

  4. Enter SMS OTP Expiry Time between 1 and 15 minutes.

  5. Enter Resend OTP Timer between 30 and 120 seconds.

  6. Enter Retry Interval After Max Failures between 10 and 30 minutes.

  7. Enter Maximum OTP Limit Per User between 5 and 10 and between 15 and 30 minutes.

  8. Enter Save.

On saving, the confirmation message appears as shown below.

On the login page, if incorrect credentials are entered repeatedly, the Too many failed attempts screen will appear as shown below.

Accoun_Lock_Settings

  1. Click Unlock Account.

The Unlock screen displays as shown below

Accoun_Lock_Settings

  1. Enter Email.

  2. Click Send Verification Link.

info

An OTP will be sent to the registered email id.

After clicking Get OTP, a timer will start.

Once the timer completes, the Resend OTP button will appear, allowing the user to request the OTP again.

  1. Enter OTP.

Accoun_Lock_Settings

  1. Click Verify and Unlock.

The Verification Successful screen appears as shwon below

Accoun_Lock_Settings

  1. Click Go to Login.

Admin Unlock on Request

Vendor manually unlocks the account upon user's request.

  1. Click Admin Unlock on Request dropdown.

Accoun_Lock_Settings

  1. Enter Minimum Lock Duration Before Requests between 10 to 30 minutes.

On saving, the confirmation message appears as shown below.

On the login page, if incorrect credentials are entered repeatedly, the Too many failed attempts screen will appear as shown below.

Accoun_Lock_Settings

  1. Click Request Admin Unlock.

The Reason for Request screen appears as shown below

Accoun_Lock_Settings

  1. Enter Reason for Request.

  2. Click Submit Request.

The Unlock Request screen appears as shwon below

Accoun_Lock_Settings

info

The unlock request will appear under the Locked Account List.

The Locked Account List screen appears as shown below

Accoun_Lock_Settings

Viewing Locked Account Details

  1. Click View.

Accoun_Lock_Settings

The Locked Account Details dialogue box appears as shown below

Accoun_Lock_Settings

Managing Unlock Request

  1. Click Unlock.

Accoun_Lock_Settings

The Manage Unlock Request dialogue box appears as shown below

  1. Enter Unlock Reason.
info

Click Reject to decline the unlock request.

  1. Click Unlock.

On unlocking, the confirmation message appears as shown below.