6.2.2.1. bruteforce-protection

6.2.2.1.1. Introduction

The bruteforce-protection command of the set subgroup enables the system to protect against brute force attacks when a user logs in.
User accounts are automatically locked for a set period of time after several unsuccessful attempts.
The default value is 3.
To view the current values for the number of attempts and the account lockout duration, use the show bruteforce-protection command.

6.2.2.1.2. Prerequisites

User: setup
Dependencies: N/A

6.2.2.1.3. Commands

set bruteforce-protection{lock-duration|max-tries|restore-default}

6.2.2.1.3.1. Command used to set a maximum number of authentication attempts for an account (0 to deactivate)

set bruteforce-protection lock-duration {0|1-86400}

6.2.2.1.3.2. Command used to set an account lockout duration in seconds (0 to deactivate)

set bruteforce-protection max-tries {0|1-100}

6.2.2.1.3.3. Command to restore the default configuration

set bruteforce-protection restore-default

6.2.2.1.4. Example to change the lockout duration to 360 seconds

Enter the following command.

 (gcap-cli) set bruteforce-protection lock-duration 360

Validate.
The system indicates the setting has been changed.

 Updating bruteforce protection configuration  
 Bruteforce protection configuration updated