• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login

Changing password after lockout doesn't reset failed attempts count

Scheduled Pinned Locked Moved
Q&A
0
3
1.3k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    travis.milum
    last edited by 1 Sept 2021, 23:08

    We're implementing a mechanism to lock a user out with a user action after a number of failed login attempts. We want this lockout to persist until the user changes their password.

    What we find is that if we create and then delete the lockout action and then the user tries to login again the account is locked after a single failed login attempt. We're expecting that after the lockout action is removed that the user has another number of failed login attempts to go through before a lockout again.

    It would seem like this is a bug, but we can probably work around the issue if there is an API that could be called which would reset the user's failed login count.

    Thanks

    1 Reply Last reply Reply Quote 0
    • J
      joshua
      last edited by 14 Sept 2021, 14:54

      @travis-milum

      Thanks for the feedback. Let me review and report back.

      Thanks,
      Josh

      1 Reply Last reply Reply Quote 0
      • J
        joshua
        last edited by joshua 14 Sept 2021, 19:02

        https://github.com/FusionAuth/fusionauth-issues/issues/1394 - logged for feature tracking. Feel free to add your own comments or observations as you see fit

        1 Reply Last reply Reply Quote 0
        • First post
          Last post