Definition:
Account lockout is a security feature that locks a user account after a certain number of failed login attempts. This prevents unauthorized users from attempting brute force attacks to guess a password.
Use Cases:
- Used in corporate environments to safeguard employee accounts from password-based attacks.
- Applied in systems that require heightened security, such as online banking portals.
Related Terms:
Questions and Answers:
- What happens when an account is locked out?
When an account is locked out, the user is typically unable to access the system until a reset is performed, often by an administrator or through an automated recovery process.
- How does account lockout prevent brute force attacks?
By locking the account after several failed attempts, the system prevents attackers from continuously trying different passwords. Brute force attacks typically take months or even years to succeed; Account lockups help to prevent that by alerting the user to the potentially malicious threat early.
- What are the best practices for configuring account lockout policies?
Best practices include setting a reasonable number of attempts before lockout, establishing a temporary lockout period, and providing users with a way to securely reset their accounts.