Failed authentication lockout - num-attempts

Information

The default number of allowed login attempts per session or user is three, meaning the user has three chances to supply valid access credentials. Once this limit is reached, the session terminates, and the user must start the login process over after an optional lockout delay (disabled by default). Both the number of allowed login attempts and the lockout delay period are configurable.

Solution

To reduce the number of login attempts before terminating the session to two, use the following command:

switch(config)# aaa authentication num-attempts 2

This setting can be set to a value of 1-10. If the lockout delay is set to a non-zero value, the number of attempts are enforced per user account; if there is no configured delay, the setting is enforced per-session.

See Also

https://support.hpe.com/hpesc/public/docDisplay?docId=a00056155en_us

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-7

Plugin: ArubaOS

Control ID: 9764d2624672ef7015279ccac009aadc4dbb06266ef1d9e0a7aff3a6b0324ecb