Wishes Lockout Policy

Last Update Status: Updated Oct 2024

Purpose

An account lockout policy disables a user account if an incorrect password is entered a specified number of times over a specified period. This policy will help Wishes prevent attackers from guessing users' passwords, reducing the chance of successful attacks on our network.

When the policy is set, each failed domain logon attempt is recorded on the primary domain controller in BRN and monitored on our custodash dashboard. When the threshold is reached, the system locks the account and prevents it from successfully logging on. When the password is reset by an administrator, the user can successfully log in again.

Automatically locking out accounts after several unsuccessful login attempts is a common practice, since failed logon attempts can be a sign of an intruder or malware trying to get into our Wishes system.

Before unlocking an account, we will find out why incorrect passwords were repeatedly provided, in order to avoid increased risk of unauthorized access to your sensitive data. The first step in the troubleshooting process is identifying the source of the authentication failures that caused the account lockout. The event details will contain information about the computer where the account lockout occurred.

The Wishes Lockout Policy is made up of three key security settings: account lockout duration, account lockout threshold and reset account lockout counter after. These policy settings help prevent attackers from guessing users' passwords. In addition, they decrease the likelihood of successful attacks on an organization's network.

● Account lockout duration: Time an account will remain locked before automatically becoming unlocked: 1 hour.
● Account lockout threshold: Number of failed logins before an account becomes locked: 6.
● Reset account lockout counter after: The amount of time that must pass after a failed login attempt before the failed-login counter is reset to 0: 1 hour.
For Wishes staff

We follow the best practices of Google for staff access to email, calendar and all documentation. Google automatically locks out user accounts for five minutes after someone has tried to log in to an account and failed to enter the proper credentials four times in a row from a single IP address. If an account is locked, that account is not allowed to log in from that same IP address, even with the proper credentials, until the five-minute lockout period expires.

Lockouts occur on a per-user credential and per-IP address basis, so a user credential that is locked out on an IP address can still attempt to log in from a different IP address, or a different user credential can attempt to log in from that same IP address.

Admins can unlock an account that is currently locked, letting that user attempt to log in again before the five-minute lockout period expires. If there is a user account associated with the credentials used for the login attempts, the dialog box includes a link to that user account page.
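The three domain settings and the per-user, per-IP lockout described above, modelled as an added example (not part of the policy, and not Active Directory's or Google's own code). `Policy` and `LockoutTracker` are hypothetical names, times are in seconds, and the model assumes that "four times in a row" means only a successful login or an expired lock clears that counter.

```python
from collections import namedtuple

# threshold: failed logons before locking; duration / reset_after in seconds.
# reset_after=None means only a successful logon clears the failure counter.
Policy = namedtuple("Policy", "threshold duration reset_after")
DOMAIN = Policy(threshold=6, duration=3600, reset_after=3600)   # values from the policy above
GOOGLE = Policy(threshold=4, duration=300, reset_after=None)    # four in a row, five minutes

class LockoutTracker:
    """Simplified lockout model (hypothetical class, for illustration only)."""

    def __init__(self, policy, key=lambda user, ip: user):
        self.policy = policy
        self.key = key          # what a lockout applies to: the user, or (user, ip)
        self.state = {}         # key -> [failures, last_failure_time, locked_until]

    def attempt(self, user, ip, password_ok, now):
        """Process one logon at time `now` (seconds); return 'ok', 'fail' or 'locked'."""
        s = self.state.setdefault(self.key(user, ip), [0, 0.0, None])
        if s[2] is not None:
            if now < s[2]:
                return "locked"             # refused even with the correct password
            s[0], s[2] = 0, None            # lockout duration has expired
        window = self.policy.reset_after
        if window is not None and s[0] and now - s[1] >= window:
            s[0] = 0                        # counter reset: last failure is too old
        if password_ok:
            s[0] = 0
            return "ok"
        s[0], s[1] = s[0] + 1, now
        if s[0] >= self.policy.threshold:
            s[2] = now + self.policy.duration
            return "locked"                 # this failure reached the threshold
        return "fail"

    def unlock(self, user, ip=None):
        """Administrator unlock: clear the counter and the lock for this key."""
        self.state.pop(self.key(user, ip), None)
```

With the default key the lock follows the user across every source address; passing `key=lambda user, ip: (user, ip)` gives the per-credential, per-IP behaviour, where the same user can still log in from another address.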