We have a mixture of Questions and Answers users and SMS (mobile authenticator) users. For our Q&A users, they have 3 attempts at correctly answering their questions before they are locked out from using the software (it does not lock their AD account) which sounds like a great idea.
However, I have yet to find a way to implement the same 'lock out' policy for SMS based users.
Does anyone know how to configure this?
Hi Christian,
I’ve just done some testing and we can’t apply a lockout policy directly to a user if he enters the pin incorrectly a number of times.
However there is a workaround that can be applied.
If you structure the workflow so that the user is required to answer a single question before being prompted for a pin code and if they fail to enter the pin code correctly 3 times they will get locked out.
In my lab I included the answer with the question.
Anybody can answer the question but if the pin is entered incorrectly 3 times then the Q&A is locked out and because it is wrapped around the Phone Verification then that becomes inaccessible until the Q&A profile is unlocked.
Regards,
Jim C.
Hi Christian,
I’ve just done some testing and we can’t apply a lockout policy directly to a user if he enters the pin incorrectly a number of times.
However there is a workaround that can be applied.
If you structure the workflow so that the user is required to answer a single question before being prompted for a pin code and if they fail to enter the pin code correctly 3 times they will get locked out.
In my lab I included the answer with the question.
Anybody can answer the question but if the pin is entered incorrectly 3 times then the Q&A is locked out and because it is wrapped around the Phone Verification then that becomes inaccessible until the Q&A profile is unlocked.
Regards,
Jim C.
