I have a question about how EEM handles the incorrect password settings. We currently have the "Invalidate password after X attempts"set to 10.
The documentation states that "after a sequence of incorrect passwords, EE can disable the user's account". Does a "sequence" mean that the attempts have to be consecutive OR does it mean that it is cumulative and will invalidate whenever the 10th incorrect password is entered?
I believe it is not cumulative, but it appears to disable some people after a few incorrect attempts. Is there possibly a time period that it uses to accumulate them and then clears out after a certain period of time.
it's cumulative and will get synced around if the machine is able.
It clears the account after a successful login locally, which will get uploaded to EEM and back down to other machines etc.
what usually catches people out is userA tries a few times on machineA and locks their account, then userB logs into machineA - when it syncs, it uploads userA's guessing history to EEM, which sends it to all other machines when they sync.
At some point, userA goes and tries to login to machineB, and finds their account already locked, or locks after fewer attempts etc because when it last synced, there was some history for userA....
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.