Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Password lockout and retry attempts

By default, the number password retry attempts is set to three, allowing the administrator a maximum of three attempts at logging in to their account before they are locked out for a set amount of time (by default, 60 seconds).

The number of attempts and the default wait time before the administrator can try to enter a password again can be customized. Both settings can be configured using the CLI.

To configure the lockout duration:
  1. Enter the following CLI commands:

    config system global

    set admin-lockout-duration <seconds>

    end

To configure the number of retry attempts:
  1. Enter the following CLI commands:

    config system global

    set admin-lockout-threshold <failed_attempts>

    end

Example

To set the lockout threshold to one attempt and set a five minute duration before the administrator can try to log in again, enter the following CLI commands:

config system global

set admin-lockout-duration 300

set admin-lockout-threshold 1

end

Password lockout and retry attempts

By default, the number password retry attempts is set to three, allowing the administrator a maximum of three attempts at logging in to their account before they are locked out for a set amount of time (by default, 60 seconds).

The number of attempts and the default wait time before the administrator can try to enter a password again can be customized. Both settings can be configured using the CLI.

To configure the lockout duration:
  1. Enter the following CLI commands:

    config system global

    set admin-lockout-duration <seconds>

    end

To configure the number of retry attempts:
  1. Enter the following CLI commands:

    config system global

    set admin-lockout-threshold <failed_attempts>

    end

Example

To set the lockout threshold to one attempt and set a five minute duration before the administrator can try to log in again, enter the following CLI commands:

config system global

set admin-lockout-duration 300

set admin-lockout-threshold 1

end