Information
Configure maximum user log in attempts and lockout period
Rationale:
Failed user log in attempts can indicate an attempt to gain access to the network. Limiting the number of attempts before the account is locked for a determined amount of time helps slow down brute force attempts and impedes malicious attempts to access user accounts.
Solution
CLI:
config user setting
set auth-lockout-threshold 5
end
config user setting
set auth-lockout-duration 300
end
Default Value:
auth-lockout-threshold: 3 auth-lockout-duration: 0