Enabling Brute-Force Attack Protection
To enable cookie-based brute-force attack protection and configure its parameters, perform these steps:
- Go to System > Settings > System Properties in the Core group.
- Click Edit. Scroll down the list of system properties.
- Select the Password brute force attack protection check box.
-
Configure the following parameters for this option amongst the list of system properties:
- Failed login attempts checking period (minutes): Specify the period in minutes, during which the system counts login failures.
- User locking period after too many authentication errors (minutes): Specify the length of the temporary lock-out period in minutes.
- Maximum authentication attempts before locking user: Specify the number of sequential failed login attempts after which CloudBlue Commerce locks the user out.
- Click Submit to save the changes.