Changes

:: [[File:Intruder alert settings new.png|600px|border]]{| class==="wikitable"|-||'''Number of Attempts'''||Enter a number from 1-32 that will denote the amount of times someone can ''attempt ''to log in with an account (that is, with an incorrect password) before that account is locked. ====== ===|-||'''Lockout Duration'''===Rules for Password Activation Settings===||When Select from a company has password settings configurednumber of options the duration of the account lockout. Within this period, then these the user will be used have no ability to log in full, even if their credentials are correct. 

When a company does not have password settings configured* Options: 5 minutes, 15 minutes, 20 minutes, 1 hour, 3 hours, 12 hours, 24 hours or Forever* '''Note: '''If the '''Forever '''option is selected for the lockout duration, the system user will go up have no access to login ''until ''manually unlocked by the Organizational hierarchy until it finds a parent company with password settings configured and then use these settings.[[Global User Administrator|System Administrator]] 

NOTE: When |}The latter half of this page has the heading '''Intruder Email Alert - '''using a company does not have password settings configure default template, it will display informational text at allows you to customize the top saying it email alert when someone has not been configuredlocked out because of intruding attempts. 

* '''Note: '''The following rules apply Default Template will use the [[Organization hierarchy#Organization Ownership|primary contact]] of the [[The Root Company|root organization]] to the above settings when a populate the '''new user is sent their password for the first timeEmail To ''':field. 

* If the Activation settings have a default security code but no challenge questions, the user will be prompted to enter the default security code.|-||'''Subject'''* If the Activation settings have a default security code and a challenge questions, the user will be prompted to enter the default security code and then taken to second screen to define an answer to one ||The subject of the the Challenge questions. The user can then go User Profile and access the Change Password page to view and update their stored challenge question and answeremail.See |-||'''Body'''||'''Sample Template - '''* The user will be presented with [[CAPTCHA]] validation in all cases.|}

* ''When an account has been locked for exceeding the allotted number of attempts, after the lockout time has passed they are permitted only one attempt at the correct password. A single incorrect password at this point will re-lock the account for the configured lockout duration. In other words, once someone is on the "locked user" list they are only permitted a single wrong attempt and they will be locked for the lockout duration again. This prevents would-be intruders from having multiple attempts to guess the password each time the lockout duration has passed. '' ===Password Reset Message===[[image:password-005.png]] This feature provides the ability to overwrite the standard Password Reset message with a custom message for your organization.