Ahhh...it never fails. A user has forgotten their password or has miskeyed the password, over and over and over. Three times to be precise. Yes, AgileHR implements a security feature where the system will lockout a user if they have failed to authenticate successfully 3 times in a row. It is a hassle for our administrative users that have to deal with the situation, but it is necessary to prevent brute force authentication attacks against your system from folks that we don't want in. Not only that, the system has to have it in order to pass our annual security audits :)
So, how do we know what it looks like when a user gets locked out, and how can we help them as admins? Its very easy and outlined below. Please note the difference in Figure 1 vs. Figure 2. Figure 1 is simple a message that the user has provided incorrect authentication information. Figure 2, is the actual lockout message which means that even if a correct username and password are supplied, the user still will not be able to authenticate.
Figure 1 - User has supplied an incorrect username or password combination
Figure 2 - User has supplied an incorrect username and password 3 times
in a row and is now locked out of the system.
So, now what? For an administrative user who receives the contact from the employee that they are locked out, it is important to differentiate between Figure 1 and Figure 2. If you are in a Figure 2 scenario, all you need to do to unlock the user, is head to the employee detail record for that employee. Once you see the employee detail screen, you will notice a new button is now visible that was not there before (Figure 3). Simply click the 'Unlock Account' button and the system will unlock the restriction so the employee can continue to login (Hint - Now might be a good time to Reset the employees password as well).
Figure 3 - Click to unlock the account and allow the user to login again.
Article is closed for comments.