To mitigate brute-force attacks on
Cyber Recovery user accounts, the
Cyber Recovery software applies timeout periods to an account after unsuccessful login attempts.
The following table outlines the timeout periods between unsuccessful login attempts:
Table 1. Time out periods between unsuccessful login attempts
Number of login attempts
Timeout period (seconds)
1–2
0
3–6
5
7–9
15
10–12
30
During a timeout period, the
Cyber Recovery software ignores all login attempts until the timeout period expires. The
Invalid credentials supplied error message is displayed during the timeout period. After 12 unsuccessful login attempts, the account is locked unless the user is a security officer. A security officer must wait 2 minutes between each future login attempt. A successful login resets the number of login attempts back to 0. This same timeout behavior occurs when the login attempt is made using the
Cyber Recovery UI, CLI, or REST API.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\