Timed Lockout

As of ExtremeXOS 16.1, this feature adds the option to disable an account for a configurable period of time after consecutive failed logins. After the configured duration elapses a disabled account is re-enabled automatically. The configurable period of lockout time ranges from 1 minute to 1 hour. The configurable number of the consecutive failed attempts ranges from 1 to 10.

Prior to ExtremeXOS 16.1, the failsafe account was never locked out. Also, an admin acccount could only be locked out only if there is at least one other admin account that is not locked out. The intent is to prevent ensure the box is not ever completely locked out.

This feature augments this behavior in two ways:
  • The failsafe account can now be locked out provided that the lockout is timed.
  • All admin accounts can now be locked out provided that at least one is timed.
The feature applies to Telnet/SSH/Console/Https/Http.