Details
-
Sub-Task
-
Status: Resolved
-
Major
-
Resolution: Done
-
1.7.10
-
All databases
Description
*** Part of the security enhancements update ***
Users are locked-out when the defined number of failed attempts have been reached. Once locked, the user must wait a preset period of time. The lockout threshold and wait time are defined by the site administrator.
NEW PARAMETERS
Two new Global Parameters were created as part of the new lockout feature. These parameters must be defined in the PM_GLOBAL_PARAMS table for users to be locked out after the defined number of failed attempts and number of minutes they must wait before attempting to try again.
Parameter Name: PM_LOCKED_MAX_COUNT
Parameter Value: [number of times user can enter the wrong password]
Parameter Data Type: Text
Parameter Name: PM_LOCKED_WAIT_TIME
Parameter Value: [number of minutes user has to wait after being locked out]
Parameter Data Type: Text
NEW ERROR MESSAGE
The following error message will appear to users when they have reached the threshold and have now locked their account.
ERROR: Too many invalid attempts, user locked out
Users are locked-out when the defined number of failed attempts have been reached. Once locked, the user must wait a preset period of time. The lockout threshold and wait time are defined by the site administrator.
NEW PARAMETERS
Two new Global Parameters were created as part of the new lockout feature. These parameters must be defined in the PM_GLOBAL_PARAMS table for users to be locked out after the defined number of failed attempts and number of minutes they must wait before attempting to try again.
Parameter Name: PM_LOCKED_MAX_COUNT
Parameter Value: [number of times user can enter the wrong password]
Parameter Data Type: Text
Parameter Name: PM_LOCKED_WAIT_TIME
Parameter Value: [number of minutes user has to wait after being locked out]
Parameter Data Type: Text
NEW ERROR MESSAGE
The following error message will appear to users when they have reached the threshold and have now locked their account.
ERROR: Too many invalid attempts, user locked out
Attachments
Activity
| Field | Original Value | New Value |
|---|---|---|
| Assignee | Janice Donahoe [ jmd86 ] |
| Status | New [ 10000 ] | Open [ 1 ] |
| Status | Open [ 1 ] | In Progress [ 3 ] |
| Status | In Progress [ 3 ] | Ready to Test [ 10001 ] |
| Status | Ready to Test [ 10001 ] | Testing [ 10002 ] |
| Fix Version/s | 1.7.10 [ 10307 ] |
| Rank | Ranked higher |
| Testing Notes |
Tested and verified the lockout is working correctly.
Changed the value's of the following parameters to verify they are working correctly. PM_LOCKED_MAX_COUNT PM_LOCKED_WAIT_TIME |
|
| Status | Testing [ 10002 ] | Testing [ 10002 ] |
| Description |
Lockout after specific number of failed login attempts made (password driven).
This task is part of the security enhancements update. |
Lockout after specific number of failed login attempts made (password driven).
This task is part of the security enhancements update. Two new Global Parameters were created as part of the new lockout feature. The following parameters must be defined in order for users to be locked out after the defined number of failed attempts to logging into the i2b2. Parameter Name: PM_LOCKED_MAX_COUNT Parameter Value: [number of times user can enter the wrong password] Parameter Data Type: Text Parameter Name: PM_LOCKED_WAIT_TIME Parameter Value: [number of minutes user has to wait after being locked out] Parameter Data Type: Text |
| Resolution | Done [ 10001 ] | |
| Status | Testing [ 10002 ] | Resolved [ 5 ] |
| Description |
Lockout after specific number of failed login attempts made (password driven).
This task is part of the security enhancements update. Two new Global Parameters were created as part of the new lockout feature. The following parameters must be defined in order for users to be locked out after the defined number of failed attempts to logging into the i2b2. Parameter Name: PM_LOCKED_MAX_COUNT Parameter Value: [number of times user can enter the wrong password] Parameter Data Type: Text Parameter Name: PM_LOCKED_WAIT_TIME Parameter Value: [number of minutes user has to wait after being locked out] Parameter Data Type: Text |
*** Part of the security enhancements update ***
Lockout after specific number of failed login attempts made (password driven). This task is part of the security enhancements update. Two new Global Parameters were created as part of the new lockout feature. The following parameters must be defined in order for users to be locked out after the defined number of failed attempts to logging into the i2b2. Parameter Name: PM_LOCKED_MAX_COUNT Parameter Value: [number of times user can enter the wrong password] Parameter Data Type: Text Parameter Name: PM_LOCKED_WAIT_TIME Parameter Value: [number of minutes user has to wait after being locked out] Parameter Data Type: Text |
| Summary | Failed attempts lockout | Account lockout feature - Failed login attempt |
| Description |
*** Part of the security enhancements update ***
Lockout after specific number of failed login attempts made (password driven). This task is part of the security enhancements update. Two new Global Parameters were created as part of the new lockout feature. The following parameters must be defined in order for users to be locked out after the defined number of failed attempts to logging into the i2b2. Parameter Name: PM_LOCKED_MAX_COUNT Parameter Value: [number of times user can enter the wrong password] Parameter Data Type: Text Parameter Name: PM_LOCKED_WAIT_TIME Parameter Value: [number of minutes user has to wait after being locked out] Parameter Data Type: Text |
*** Part of the security enhancements update ***
Account lockout feature - Failed login attempt Lockout after specific number of failed login attempts made (password driven). This task is part of the security enhancements update. Two new Global Parameters were created as part of the new lockout feature. The following parameters must be defined in order for users to be locked out after the defined number of failed attempts to logging into the i2b2. Parameter Name: PM_LOCKED_MAX_COUNT Parameter Value: [number of times user can enter the wrong password] Parameter Data Type: Text Parameter Name: PM_LOCKED_WAIT_TIME Parameter Value: [number of minutes user has to wait after being locked out] Parameter Data Type: Text |
| Summary | Account lockout feature - Failed login attempt | User account lockout feature |
| Summary | User account lockout feature | Account - User lockout |
| Description |
*** Part of the security enhancements update ***
Account lockout feature - Failed login attempt Lockout after specific number of failed login attempts made (password driven). This task is part of the security enhancements update. Two new Global Parameters were created as part of the new lockout feature. The following parameters must be defined in order for users to be locked out after the defined number of failed attempts to logging into the i2b2. Parameter Name: PM_LOCKED_MAX_COUNT Parameter Value: [number of times user can enter the wrong password] Parameter Data Type: Text Parameter Name: PM_LOCKED_WAIT_TIME Parameter Value: [number of minutes user has to wait after being locked out] Parameter Data Type: Text |
*** Part of the security enhancements update ***
Lockout after specific number of failed login attempts made (password driven). Two new Global Parameters were created as part of the new lockout feature. The following parameters must be defined in order for users to be locked out after the defined number of failed attempts to logging into the i2b2. Parameter Name: PM_LOCKED_MAX_COUNT Parameter Value: [number of times user can enter the wrong password] Parameter Data Type: Text Parameter Name: PM_LOCKED_WAIT_TIME Parameter Value: [number of minutes user has to wait after being locked out] Parameter Data Type: Text |
| Summary | Account - User lockout | Lockout after failed logins |
| Description |
*** Part of the security enhancements update ***
Lockout after specific number of failed login attempts made (password driven). Two new Global Parameters were created as part of the new lockout feature. The following parameters must be defined in order for users to be locked out after the defined number of failed attempts to logging into the i2b2. Parameter Name: PM_LOCKED_MAX_COUNT Parameter Value: [number of times user can enter the wrong password] Parameter Data Type: Text Parameter Name: PM_LOCKED_WAIT_TIME Parameter Value: [number of minutes user has to wait after being locked out] Parameter Data Type: Text |
*** Part of the security enhancements update ***
Users are locked-out when the defined number of failed attempts have been reached. Once locked, the user must wait a preset period of time. The lockout threshold and wait time are defined by the site administrator. NEW PARAMETERS Two new Global Parameters were created as part of the new lockout feature. These parameters must be defined in the PM_GLOBAL_PARAMS table for users to be locked out after the defined number of failed attempts and number of minutes they must wait before attempting to try again. Parameter Name: PM_LOCKED_MAX_COUNT Parameter Value: [number of times user can enter the wrong password] Parameter Data Type: Text Parameter Name: PM_LOCKED_WAIT_TIME Parameter Value: [number of minutes user has to wait after being locked out] Parameter Data Type: Text NEW ERROR MESSAGE The following error message will appear to users when they have reached the threshold and have now locked their account. ERROR: Too many invalid attempts, user locked out |
| Labels | wikirelease |