Symptom

Users can attempt logging in as often and as fast as they want at the screen unlock prompt and local login prompts (e.g. for Kerberos, Shared Workplace, IGEL Smartcard).

Problem

This leaves the system and remote sessions vulnerable to brute force login attacks.

Solution

In IGEL OS 10.03.100 and newer, the number of login attempts is limited to 5 within 30 seconds.

These values can be changed in the system registry:

  1. In Setup, go to System > Registry
  2. Go to the auth.login.lockout_threshold parameter to set the maximum number of login attempts within the specified interval.
  3. Go to the auth.login.lockout_duration parameter to set the interval in seconds.
  4. Click Apply or Ok.