Cognition Knowledge Base

Lockouts for logins, password resets, and registrations

Owned by Juan A. Jara (Deactivated)
Last updated: May 30, 2023 by Maria Cazares
2 min read

Lockouts disable users from attempting to login or reset a password after a number of failed attempts. This is to prevent brute force guessing of login credentials.

Although this feature can be disabled, we strongly recommend enabling it.  This feature enhances the security of Cognition and helps protect your organization and data.

  • Lockouts apply to logins, password resets, and new user registration. Lockouts apply to each of these features separately.
    E.g. Being locked out of logging in does not lock you out of attempting a password reset.

  • Upon any successful attempt, all failed attempts are cleared.
    E.g. If you are locked out of logging in, but successfully reset your password, you will be granted additional login attempts.

To update the lockout settings, navigate to the Cognition menu and click System Settings under the “Configuration” header. Once in System Settings, click on the Security tab.

Enable Lockouts: Enables/disables the feature

Attempts Before Lockout: The number of times that a user is able to attempt logging in, registering, or resetting their password before triggering a lockout.

Attempt Expiration: The number of hours a lockout will last

Login, Password Reset, and Registration Lockout Messages: Three individual messages that users will see if they are locked out.

 

If an associate does lock themselves out, you can view the log of the failed attempts on a User’s Administration page in the Security tab. Notice that as an administrator, you will have the option to “Reset All Attempts” so that they do not have to wait for the lockout to automatically expire.

 

Got feedback? Have a question? Let us know!

Some Cognition features may require additional licensing. If your organization is interested in a feature seen here, please contact Reflection Software for more information.