skip to main content

User Lock Outs

Sometimes users are locked out after repeatedly entering the wrong password.

How long? Does IP address matter?

When is the user locked out vs. the IP address?

HPCWoods user auth. explained

If you are NOT in the campus/whitelisted ip ranges:
1. Fail login 3 times:
  a. Pam records 3 failed logins
  b. Filter records 3 failed logins
  c. User is temp. banned/locked out 60 minutes (total)
  d. No warnings given, terminal goes inactive, and user will only see a blank screen while trying to start a new session with, for example, putty
2. After 60 minutes of being temp. banned, filter count is reset
  a. If 1st successful login:
    i. Instant login
   ii. Resets Pam count
-or-
  b. If user fails 2 additional times after being unbanned:
    i. Filter count is now at 2
   ii. Pam locks account for 5 minutes (after count reaches 5)
  iii. User gets the message “account is locked due to 5 failed logins”
      1. After 5 minutes, Pam count is cleared:
        a. If successful login:
          i. Instant login
         ii. Filter count is NOT cleared and remains at 2
        b. If failed login 2 additional times:
          i. User gets temp. banned again for 60 minutes
         ii. User sees a blank screen while trying to start a new session with, for example, putty
        iii. Pam count is now at 2

If you ARE on campus or have an ip in the whitelist:
1. Fail login 5 times:
  a. Pam lock for 5 minutes
  b. User gets on-screen message "account is locked due to 5 failed logins"
  c. Bypass additional filter

==

Basically,

1. If off-campus or not ip whitelisted, 3 failures equal user temp. banned for 60 minutes. After the 60 minutes, user has 2 more tries or they get temp. banned for 5 minutes. After the 5 minutes, if user fails again 3 more times they are banned for 60 additional minutes and this repeats.
2. If on-campus or ip whitelisted, 5 failures equal user temp. banned for 5 minutes. After the 5 minutes, if user fails again 5 times they are temp. banned for 5 more minutes and this repeats.

Example of trouble: classrooms (not on-campus or in whitelist) using one ip address will get banned in the ip filter for 5 total login failures (with successive failures from different user names) for 60 mins

==