You can edit a user account authentication policy, which consists of the user status, maximum login attempts, and the access window time within which a user must successfully log in. You can also add new access control.
To edit a user authentication policy, follow these steps:
In the Edit Authentication Policy dialog box, the User Name display field displays the name the user uses to log in to the JUNOScope software.
You can modify the following information in the Edit Authentication Policy dialog box:
The Access Window field can have a minimum value of 0 (for example, all the field minute(s), hour(s), second(s) having a value of 0) and a maximum value of 24 hours for example, the hour(s) field can have a maximum value of 24, while the minute(s) and second(s) fields have a value of 0). The default value is 0. However, individually, the hour(s) field can have a value from 0 to 24, the minute(s) field can have a value of from 0 to 59, and the second(s) field can have a value from 0 to 59. If the Access Window field is 0, the authentication policy for the user account will not be active, and the normal login mechanism will always be applied.
The timer for the access window starts when an invalid login attempt is made on a user account. If a user account is not locked and no further invalid login attempt is tried for that account, the timer for the access window is automatically reset either after a time period equal to the access window or if the user successfully logs in to JUNOScope within the access window period.
If the authentication policy for a user account is set up with 3 maximum login attempts and a 1-hour access window, the clock for the access window starts at the first unsuccessful attempt when the user types an invalid password to login. If the user makes three unsuccessful attempts within 1 hour, then the user account will be LOCKED at the third unsuccessful attempt and will be redirected to the “ The user account is currently locked. Please see the system administrator.” message. Any further attempts by the user to log in using the username, even with a valid password, will be denied.