Contents
1 Description
This instruction describes how to configure login failure delay for user authentication. The login failure delay value controls how long the delay is in seconds after an unsuccessful authentication until the next authentication attempt can be performed. There is also an operating system internal random variation in the delay to prevent systematic attack scenarios.
2 Procedure
2.1 Change Login Failure Delay
Prerequisites
- No documents are required.
- No tools are required.
- The following conditions must apply:
- The user has the System Security Administrator role.
- An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.
Steps
- Navigate to UserManagement Managed
Object (MO), for example:
>dn ManagedElement=1,SystemFunctions=1,SecM=1,UserManagement=1
- Enter Config mode:
(UserManagement=1)>configure
- Set the login failure delay as required, for example,
to 12 seconds:
(config-UserManagement=1)>loginFailureDelay=12
- Commit the setting:
(config-UserManagement=1)>commit
- Verify the loginFailureDelay:
(UserManagement=1)>show loginFailureDelay
The following is an example output:
loginFailureDelay=12
2.2 Remove Login Failure Delay
Steps
- Navigate to UserManagement MO,
for example:
>dn ManagedElement=1,SystemFunctions=1,SecM=1,UserManagement=1
- Enter Config mode:
(UserManagement=1)>configure
- Delete login failure delay:
(config-UserManagement=1)>no loginFailureDelay
- Commit the setting:
(config-UserManagement=1)>commit
- Verify the loginFailureDelay is deleted:
(UserManagement=1)>show loginFailureDelay
The following is an example output:
loginFailureDelay=[]