Skip to content

Account Lockout

Overview

HySecure provides the ability to automatically lock out users based on predefined conditions, configurable at the User or User Group level. This feature helps enforce access policies and ensure compliance with usage requirements.

This functionality is particularly useful in the following scenarios:

  1. Time-limited access after first login : Access can be granted for a specific duration starting from the user’s first successful login. Once the defined time period expires, the user account is automatically locked, preventing further access.

  2. Minimum login frequency enforcement: Administrators can define a minimum login frequency for users or groups. If a user does not log in within the specified interval, their account can be automatically locked. This is especially useful for third-party vendors or contractors who are expected to access the system periodically but fail to do so.

Configuration Workflow

This section describes the workflow for creating a Notification type of Access Control.

  1. Identify the User / User group for whom the Access Control needs to be implemented. The set of users will either be:

    1. part of an Authorization Server associated with an Authentication Domain, which is attached to a HySecure Domain, OR.

    2. part of a High / Low Security native User Group OR.

    3. a High / Low Security native User.

  2. Configure the duration after the first/last login, at which the specified user OR users of the specified User Group should be locked out.

  3. Configure the Access Control validity and the state of the Access Control.

Account Lockout Based Access Controls Preference

In case of multiple Account Lockout based access controls, the first one that matches the configurations will be effective.