Adobe Campaign Classic v7 & Campaign v8

ALangridge · 8/6/23

Hey community -

Checking in to see if anyone is aware of how to unlock operator accounts?

One of our new users has repeatedly put in their password wrong, they're now being advised their account is locked and they need to try again later. I've reset their password, confirmed the account is not disabled - but the console is still throwing the same error.

I've dug around in the documentation, but have not been able to find any info on this locking/unlocking process.

Thanks for your assistance!

ParthaSarathy · 8/7/23

Hi @ALangridge ,

An operator account getting locked because of unsuccessful logon is different from disabling-enabling an operator account.

An Account lockout mechanism is available within the logon() API. It prevents any further login attempts after a certain number of consecutive failed login attempts within a specified time frame.

Four options are available to configure the lockout mechanism, and you can explore this options under /Administration/Platform/Options/

XtkSecurity_max_Unsuccessul_Attempts_Allowed: max unsuccessful attempt to block a key within specified duration. The default value is 3.
XtkSecurity_Initial_Ban_Duration: duration for which key will be banned for the first time. The default duration is 5 minutes.
XtkSecurity_Max_Ban_Duration: max duration for which a key can be banned. You can search for the value in /Administration/Platform/Options/ folder, if the value is 60, then the operator needs to wait for 60 minutes to get his/her account to get unlocked.
XtkSecurity_Examine_Window: time Window to track number of unsuccessful login attempts to ban an invalid key. The default duration is 10 mins.

For example, if someone tries 3 unsuccessful attempts in 10 mins, his key will be blocked for 5 mins.

Reference Document

~ ParthaSarathy S

View solution in original post

Manoj_Kumar_ · 8/7/23

Hello @ALangridge

Do not attempt any login for 30 minutes and that should unlock the account automatically.

Manoj
Find me on LinkedIn

ALangridge · 8/7/23

Easy! Thanks for your reply.

ParthaSarathy · 8/7/23

Hi @ALangridge ,

An operator account getting locked because of unsuccessful logon is different from disabling-enabling an operator account.

An Account lockout mechanism is available within the logon() API. It prevents any further login attempts after a certain number of consecutive failed login attempts within a specified time frame.

Four options are available to configure the lockout mechanism, and you can explore this options under /Administration/Platform/Options/

XtkSecurity_max_Unsuccessul_Attempts_Allowed: max unsuccessful attempt to block a key within specified duration. The default value is 3.
XtkSecurity_Initial_Ban_Duration: duration for which key will be banned for the first time. The default duration is 5 minutes.
XtkSecurity_Max_Ban_Duration: max duration for which a key can be banned. You can search for the value in /Administration/Platform/Options/ folder, if the value is 60, then the operator needs to wait for 60 minutes to get his/her account to get unlocked.
XtkSecurity_Examine_Window: time Window to track number of unsuccessful login attempts to ban an invalid key. The default duration is 10 mins.

For example, if someone tries 3 unsuccessful attempts in 10 mins, his key will be blocked for 5 mins.

Reference Document

~ ParthaSarathy S

ALangridge · 8/7/23

Super helpful! Thanks a heap for detailing this for me, much appreciated.

LakshmiPravallika · 8/7/23

Hi @ALangridge ,

Please refer to the below documentation which listed the default vaules of the options for Logon API, You can check your Client console and wait for the specified time and try Logging in.

https://experienceleague.adobe.com/developer/campaign-api/api/sm-session-Logon.html

Regards,

Pravallika.