System > Login Policy

What is the login policy used for?

The main purpose of the Login Policy function is to prevent a brute force break-in to the system. By limiting the successive number of bad login attempts and disabling rogue accounts for a set amount of time, you can prevent unauthorized users from gaining entry into the system by repeatedly entering random passwords.

How do I set a login policy?

To set the login policy:

1. Specify the number of consecutive bad logins an administrator is allowed before their account is disabled in the Number of consecutive failed login attempts allowed before disabling account field.  The count is reset to zero after a successful login.

2. Specify the amount of time, in hours or days, that the account is disabled in the Length of time to disable account after max login failures exceeded field.

3. Specify the time period of administrator inactivity before the administrator is automatically logged out.  Set the number of minutes of inactivity in the Minutes of inactivity before an administrator session expires field.

4. Press Update to apply the settings.

Note: To activate the account manually before the lockout time elapses, another master administrator must enable the account in the Enable/Disable function of the System feature tab.