Thanks for proposing this enhancement
Could you please elaborate on what would be the business case to have such a lock mechanism added in the product?
Canadian Tire has such a password policy for all its systems, e.g. we have a VPN credential for each employee. If the wrong password is entered 3 times, we lock down the account for 30 minutes. This will reduce the workload for the helpdesk to unlock the account and protect the password from being breached.
We would need the same functions provided by AEM for local accounts. The federated accounts are fine since the authentication will happen on the CTC side.
Thanks for the information provided
Having taken this information into account, having such a process in place could represent some security risk where accounts could be frozen using denial of service.
As you mention that federated accounts are fine, are you using AEM Cloud Service? In that case, the admin user password is generated during the environment creation, and having local users is not recommended, hence this should not be a problem here.
@czhang1970 Do you have more information to share?
We still need to have several local accounts,
e.g. ctcadmin besides the OOTB "admin" account, and impoteraccount for a service that pushes data to the authoring instance using basic authentication.
In this case, this lockout feature is required for security enhancement. Is this feature request feasible? If yes, when can we expect it to ship with a new SP?
Also, the authoring instances are protected by a FW and are not public facing, so we don't expect denial of service.
Unfortunately, as I mentioned in my previous comment, this request will not be considered by the engineering team due to the security concerns shared.
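The policy discussed in this thread (3 wrong passwords, 30-minute lock) and the concern raised against it, as an added Python example that is not part of the thread and is not AEM code. The class, its method names, the injected clock and the sample password and salt are assumptions constructed for illustration; `ctcadmin` is the account name mentioned above.

```python
import hashlib
import hmac

MAX_FAILURES = 3          # from the thread: three wrong passwords
LOCK_SECONDS = 30 * 60    # from the thread: account locked for 30 minutes


class LockoutAuthenticator:
    """Hypothetical local-account store with a per-account failure counter."""

    def __init__(self, clock):
        self._clock = clock        # injected so the example runs without waiting
        self._users = {}           # name -> (salt, derived key)
        self._failures = {}        # name -> consecutive failed attempts
        self._locked_until = {}    # name -> time at which the lock expires

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, name, password, salt):
        self._users[name] = (salt, self._derive(password, salt))

    def login(self, name, password):
        """Return 'ok', 'denied' or 'locked'."""
        now = self._clock()
        if now < self._locked_until.get(name, 0):
            return "locked"        # refused even when the password is correct
        if name not in self._users:
            return "denied"
        salt, stored = self._users[name]
        if hmac.compare_digest(self._derive(password, salt), stored):
            self._failures[name] = 0
            return "ok"
        self._failures[name] = self._failures.get(name, 0) + 1
        if self._failures[name] >= MAX_FAILURES:
            self._locked_until[name] = now + LOCK_SECONDS
            self._failures[name] = 0
        return "denied"


def demo():
    t = [0]                                        # constructed clock, in seconds
    auth = LockoutAuthenticator(clock=lambda: t[0])
    auth.add_user("ctcadmin", "constructed-sample-pw", b"constructed-salt")
    results = [auth.login("ctcadmin", "wrong%d" % i) for i in range(3)]
    results.append(auth.login("ctcadmin", "constructed-sample-pw"))  # during lock
    t[0] = LOCK_SECONDS                            # 30 minutes later
    results.append(auth.login("ctcadmin", "constructed-sample-pw"))
    return results
```

The fourth result is the case the reply above calls out: while the lock is active, the correct password is rejected too, so anyone who can reach the login endpoint and knows the account name can keep its owner out.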