Objective 

To strengthen login security and prevent unauthorized access attempts, this configuration allows you to automatically block users from logging into ADManager Plus after a specific number of failed login attempts within a defined time window. This is especially useful in environments where brute-force or repeated login attempts pose a risk to technician accounts.

Prerequisites 

• ADManager Plus must be installed and accessible via a supported browser such as Chrome, Firefox, or Edge.

• You must be logged in as a built-in admin to modify security-related logon settings.

Steps to configure login blocking after failed attempts

1. Log in to ADManager Plus with a built-in admin account.
   

2. Navigate to Delegation > Configuration > Logon Settings.

3. In the General tab of the Logon Settings page, enable the option Block user after invalid login attempts.

4. Configure the following fields:

• Invalid attempts limit: Set the number of failed login attempts allowed before the user is blocked.

• Threshold time: Specify the time window (in minutes) during which the failed attempts are counted.

• Block user for: Define how long (in minutes) the user will be blocked once the limit is exceeded.

5. Click Save Settings to enforce the changes.  
   

Tips 

• Adjust the login attempt limit and block duration based on your organization's security standards.

• Inform users about this policy to avoid unnecessary lockouts and improve awareness.
  

• Consider reviewing login audit logs periodically to identify repeated failed attempts or misuse.