System Administration Guide
Chapter 1, Administering user accounts

Setting login restrictions on accounts

Setting login restrictions on accounts

You can prevent unauthorized use of an account by restricting the number of consecutive failed logins. When this limit is exceeded, the account is locked.

In the Account Manager, select a user name, then select Login Controls from the Users menu.

Enter a value in the ``Failed login attempts allowed before account is locked'' field or click on the default of button to select the system default.

To lock or unlock an account, see ``Locking or unlocking a user account''.

To change the system default value, use this command line:

usermod -D -x "{maxLoginAttempts value}"

You can change the value for an individual user with the usermod(ADM) command by omiting the -D option and appending the user name to the above command.

NOTE: Terminal restrictions provide greater control over the login process.

See also: