Login Attempts Properties

As of KCM version 2.9.6, KCM can be configured to limit a user's ability to login after multiple consecutive failed login attempts. This blocks brute-force login attacks on KCM instances.

By default KCM will lock a user out of logging in for 5 minutes after 5 failed attempts

Use the following properties to change the login attempt settings

Property Description

Property	Description
`ban-max-invalid-attempts`	The number of invalid attempts before a user is locked out
`ban-address-duration`	The amount of time in seconds a user is locked out for after hitting the invalid attempts limit
`ban-max-addresses`	The number of addresses that KCM will track to check for invalid attempts. Defaults to `10485760`

ban-max-invalid-attempts

The number of invalid attempts before a user is locked out

ban-address-duration

The amount of time in seconds a user is locked out for after hitting the invalid attempts limit

ban-max-addresses

The number of addresses that KCM will track to check for invalid attempts. Defaults to 10485760

PreviousSQL Server Configuration Properties NextCustom Extensions

Last updated 1 year ago