Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Password Policy - User Lockout Settings

krishna_sk
Regular Contributor
Regular Contributor

Hi team,

We have configured the following parameters in the "externalconfig.properties"  file as suggested in the Document portal.(https://docs.saviyntcloud.com/bundle/EIC-Admin-v24x/page/Content/Chapter14-Password-Management/Passw...)

krishna_sk_0-1713857732422.png

Even after updating the parameters, when we tried logging into Saviynt through Postman with incorrect password for multiple times, we didn't see the Account got locked.

Could you please let us know whether we need to do any other configurational changes anywhere and let us know your insights on this.

Thank you.

 

8 REPLIES 8

rushikeshvartak
All-Star
All-Star

Above configuration is for user. and does server has been restarted ?


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

HI @rushikeshvartak 

Yes , we tried after restarting the server only and still seeing the same issue.

Thank you

Check password policy under identity repository 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

krishna_sk
Regular Contributor
Regular Contributor

HI @rushikeshvartak 

 

The below is the Password policy under Identity Repository we have for Users.

 

krishna_sk_0-1713952580005.png

Thank you.

What is scope its application or user ? Subject says account


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi @rushikeshvartak

The Scope is for Users. I changed the Subject as well.

Thank you.

You can have one user scope policy and multiple application scope policy

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

krishna_sk
Regular Contributor
Regular Contributor

@rushikeshvartak  yes, We are having only one user policy. With all the above configurations as well, the user is not getting locked, when we tried to enter incorrect password for more than 3 times.

Thank you.