[keycloak-dev] Should failure count be reset on successful login
Stian Thorgersen
sthorger at redhat.com
Tue Apr 5 03:46:17 EDT 2016
Currently [1] the failed login attempts are not reset on a successful
login. This could cause a user with bad memory to lock the account over
time. This can be prevented by setting "Failure Reset Time", but is that
sufficient. Should we reset the failed login attempts on successful login?
[1] https://issues.jboss.org/browse/KEYCLOAK-2692
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160405/b544a360/attachment.html
More information about the keycloak-dev
mailing list