Login Screen
Keeper Connection Manager User Guide - Login Screen
About
The login screen is the first screen users see when they access Keeper Connection Manager. Users use a username and password, or SSO credentials to authenticate into the rest of the platform.
Logging In
Username
Users use their username to login to Keeper Connection Manager. This username is set when creating or importing users.
The KCM username is sometimes an email address, but it can be a non-email username as well.
Password
The user's password. Set when creating or importing the user. Passwords can also be reset by users if allowed.
TIP: The Keeper Browser Extension can be used to automatically fill in the Keeper Connection Manager username and password!
Other Login Methods
See the authentication documentation pages for more information about setting up additional login methods such as LDAP, SAML 2.0, and OpenID Connect as well as information on setting up 2FA
Authentication OptionsLogin Attempt Limits
As of KCM version 2.9.6, KCM can be configured to limit a user's ability to login after multiple consecutive failed login attempts. This blocks brute-force login attacks on KCM instances.
By default KCM will lock a user out of logging in for 5 minutes after 5 failed attempts
This setting can be removed, and the number of attempts before a user is locked out and how long they are locked for can be configured with the following guacamole properties or environment variables (depending on installation method):
ban-max-invalid-attempts
BAN_MAX_INVALID_ATTEMPTS
number
The number of invalid attempts before a user is locked out
ban-address-duration
BAN_ADDRESS_DURATION
number
The amount of time in seconds a user is locked out for after hitting the invalid attempts limit
ban-max-addresses
BAN_MAX_ADDRESSES
number
The number of addresses that KCM will track to check for invalid attempts. Defaults to 10485760
Last updated
Was this helpful?