Locking Out an Administrator Account

EFT Server can automatically lock out an administrator account after a specified number of incorrect login attempts over a specified time.

On a PCI DSS Site, a warning message appears if you clear the Lockout check box, increase the number of incorrect login attempts to more than 6, or set the attempt period to more than 5 minutes.

Tell administrators what the lockout timeout setting is, after which they can try to log in again. If they cannot wait for the lockout to time out, use the procedure below to enable the account.

To lock out an account after a defined number of incorrect login attempts

  1. In the administration interface, connect to EFT Server and click the Server tab.

  2. In the left pane, click the Server node you want to configure, then click the Administration tab.

  3. Click an EFT Server-managed administrator account, then click Account Policy. The Account Security Settings dialog box appears.

  4. Select the Lockout admin accounts check box, then specify the length of time the account is to be locked out, the number of incorrect login attempts to count, and the period during which to count the attempts.

  5. Click OK to close the dialog box.

  6. Click Apply to save the changes on EFT Server.
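
The three values set in step 4 and the PCI DSS warning thresholds above can be modeled as follows. This is an added example, not Globalscape code: the class and function names, the 30-minute lockout and the exact counting semantics (noted in the docstring) are assumptions, and the failure times are constructed.

```python
from collections import deque
from dataclasses import dataclass

@dataclass(frozen=True)
class LockoutPolicy:
    enabled: bool        # "Lockout admin accounts" check box
    max_attempts: int    # incorrect login attempts to count
    period_min: float    # period during which attempts are counted
    lockout_min: float   # how long the account stays locked

def pci_warnings(p):
    """Conditions the page says raise a warning on a PCI DSS Site."""
    w = []
    if not p.enabled:
        w.append("lockout check box cleared")
    if p.max_attempts > 6:
        w.append("more than 6 incorrect login attempts")
    if p.period_min > 5:
        w.append("attempt period longer than 5 minutes")
    return w

def lockout_intervals(p, failures):
    """Return (start, end) lockouts for sorted failure times in minutes.
    Assumed semantics: lock on the Nth failure inside the period; attempts made
    while locked are rejected and not counted; the count restarts afterwards."""
    if not p.enabled:
        return []
    window, locked_until, out = deque(), None, []
    for t in failures:
        if locked_until is not None and t < locked_until:
            continue                       # still locked: attempt rejected
        window.append(t)
        while t - window[0] > p.period_min:
            window.popleft()               # failure aged out of the period
        if len(window) >= p.max_attempts:
            locked_until = t + p.lockout_min
            out.append((t, locked_until))
            window.clear()
    return out

if __name__ == "__main__":
    policy = LockoutPolicy(True, 6, 5, 30)       # constructed settings
    burst = [0, 0.5, 1, 1.5, 2, 2.5, 3, 10, 40]  # constructed failure times
    print(pci_warnings(policy), lockout_intervals(policy, burst))
    print(pci_warnings(LockoutPolicy(True, 10, 15, 30)))
```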

To enable an account that has been locked out

  1. In the administration interface, connect to EFT Server and click the Server tab.

  2. In the left pane, click the Server node you want to configure, then click the Administration tab.

  3. Click the EFT Server-managed administrator account that is locked, then click Account Policy. The Administrator Account Security dialog box appears.

  4. Clear the Lockout check box.

  5. Click OK to close the dialog box.

  6. Click Apply to save the changes and enable the locked-out account.

  7. To resume account security, click Account Policy. The Administrator Account Security dialog box appears.

  8. Select the Lockout check box.

  9. Click OK to close the dialog box.

  10. Click Apply to save the changes.

Related Topics

Removing Inactive Administrator Accounts

Expiring Administrator Passwords

Possible PCI Compliance Report Outcomes