How to block a user after multiple invalid login attempts in EventLog Analyzer automatically
Objective
Prevent unauthorized access attempts in EventLog Analyzer by automatically blocking users who enter the wrong login password repeatedly within a defined timeframe.
Prerequisite
- Administrative privileges in EventLog Analyzer.
Steps to follow
Step 1: Log in to EventLog Analyzer as an administrator.
Step 2: Go to the Settings tab, and click Admin Settings > Logon Settings > General.
Step 3: Below Block User Settings, check the Block user after invalid logon attempts box.
Step 4: In the Invalid attempts limit field, enter the maximum number of failed login attempts allowed.
Example: Enter 5 to block a user after five failed logins.
Example: Enter 5 to block a user after five failed logins.
Step 5: In the within [x] mins field, specify the time period in minutes to track these attempts.
Example: Enter 30 to count failed attempts within 30 minutes.
Example: Enter 30 to count failed attempts within 30 minutes.
Step 6: In the Block user for [x] mins field, enter the number of minutes the user should remain blocked.
Example: Enter 15 to block the user for 15 minutes.
Example: Enter 15 to block the user for 15 minutes.
Step 7: Click Save Settings to apply the changes.
Tips
- Avoid setting the invalid attempts limit too low (e.g., 1 or 2), as this may block users when they make typos or other common mistakes.
- Make sure to strike the right balance between the time window to track failed logon attempts and the amount of time users are blocked after that many failed attempts to ensure tight security without negatively impacting user convenience.
- Consider combining this feature with CAPTCHA to enhance login protection.
Related articles and topics
New to ADSelfService Plus?
Related Articles
How to restrict access to EventLog Analyzer user interface
Objective This document will guide you through configuring access restrictions for the EventLog Analyzer user interface. You can choose to either block specific IP addresses or allow access only from designated IPs or Hosts. EventLog Analyzer ensures ...How to enable CAPCHA in EventLog Analyzer
Objective CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. Login CAPTCHA serves as a security measure against bot-based brute- force attacks. You can configure whether to show CAPTCHA always or after a ...How to add Topsec device in EventLog Analyzer
Objective EventLog Analyzer collects logs from Topsec devices using the Syslog protocol. Syslog services has to be configured in Topsec Devices to have the logs forwarded to EventLog Analyzer. This article offers you step by step instructions to add ...How to add F5 device in EventLog Analyzer
Objective EventLog Analyzer collects logs from F5 devices using the Syslog protocol. Syslog services has to be configured in F5 Devices to have the logs forwarded to EventLog Analyzer. This article offers you step by step instructions to add F5 ...How to implement Security Hardening in EventLog Analyzer
Objective Improve the overall safety of your EventLog Analyzer setup by enabling key security settings that protect access, data, and system behavior. All of these settings can be managed easily from one place: the Security Hardening dashboard. ...