EFT can automatically disable or lockout user accounts after a specified number of bad password login attempts over a specified time. This feature can be enabled for a Site, Settings Template, and/or per user. Once an account is disabled, you can re-enable the account on the General tab of the user.
To disable or lockout an account after a defined number of incorrect login attempts
In the administration interface, connect to EFT and click the Server tab.
On the Server tab, click the Site, Settings Template, or user that you want to configure.
In the right pane, click the Security tab.
In the Password Security area, next to Invalid login options, click Configure. The Login Security Options dialog box appears.
Select the check box next to Lockout, then specify the following:
Whether to Disable or Lockout the account
Number of minutes to lock out the account (30 minutes is the default)
Number of invalid login (bad password) attempts after which to disable or lock out the account (6 attempts is the default)
Number of minutes during which to count the invalid login attempts (5 minutes is the default)
Click OK to save the changes and close the dialog box.
Click Apply to save the changes on EFT.