Lockout

When certain amount of wrong login attempts is detected for certain account, system locks that account for defined period of time.

Unlock from notification

By clicking the Unlock now button, user will be automatically unlocked and redirected to afterUnlockedPage.

Example of the unlocked page.

By default the redirect page is not set, so don’t forget to set it.

Tip

:ts:`plugin.tx_flogin.settings.redirect.afterUnlockedPage = X`

Notification Subject

You can change the subject of the notification

Tip

:ts:`plugin.tx_flogin.settings.email.lockout.subject = LLL:EXT:flogin/Resources/Private/Language/email.xlf:lockout.subject`

Number of wrong attempts

It’s possible to change the number of wrong attempts after which target user is locked and notified. By default it’s set to 5.

This means attacker can make 4 wrong attempts and nothing happens, only on 5th account is locked and owner is notified.

Tip

:ts:`plugin.tx_flogin.settings.throttling.maxAttempts = 5`

Auto unlocking (scheduler)

After certain amount of time scheduler unlocks the locked account.

By default it happens after 10 minutes of being locked, but you can always change that behavior.

Tip

:ts:`plugin.tx_flogin.settings.throttling.lockIntervalInMinutes = 10`

View & Variables

• The notification view can be found under:

  EXT:flogin/Resources/Private/Templates/Email/Lockout.html

• Out of the box you developer has access to these variables:

  

  You can access it by: {user}, like {user.username}