MithiDocs

Secure Vaultastic account access using Account Lockout



Overview

The automatic account lockout feature in Vaultastic prevents hackers from finding out a user’s password by brute force.

When enabled for the domain, Vaultastic accounts will be automatically locked out when the number of unique invalid login attempts exceeds the given threshold in the specified interval.

Configure Account Lockout feature for your domain

  1. Log in to the Vaultastic application using Vault ID with the admin rights.
  2. Navigate to the Admin Panel > Vaultastic Domain > Account Lockout
  3. Toggle the Account Lockout switch to enable or disable the account lockout feature for all the vaults of the domain.
  4. Toggle the switch Auto Account Unlock to enable or disable the property. When enabled, an account that is locked out will be automatically unlocked after the period given by the account lockout period.
  5. Enable the Show user authentication error message to display the error message showing the cause such as account lockout, account expiry, etc.
  6. Set the period in minutes in the Account Lockout Period box for which the account is locked out.
  7. Set the Max invalid password attempts allowed with unique invalid passwords in the given interval.
  8. Configure the Max invalid password attempt interval in seconds between the consecutive unique invalid attempts.


Unlock a locked account 

To unlock the account, follow the steps mentioned below:

  1. Log in to the Vaultastic application using Vault ID with the admin rights and navigate to the Admin Panel.
  2. In the left pane, click on the Vaultastic domain and select Vaults.  The middle pane will show the list of existing vaults in the domain.

  3. Click on the Vault summary in the middle pane. 

  4. In the right pane, expand the Authentication section.

  5. Toggle the Account Locked switch to unlock the account.

  6. Click on Save to update the account lockout status of the Vault.