Setting and changing login session failure policy

Security administrators can set or change system-wide login session failure policy for Storwize V7000 Unified system administrative users.

To work with this function in the management GUI, log on to the GUI and select Access > Users > Global Actions.

To use the CLI to set or change the login session failure policy of a system, submit the chsessionpolicy command and specify the options and values that you want.

Security administrators can use the --maxLoginAttempts option to specify the maximum number of failed login attempts for a user account before the account is automatically locked. This option applies to all CLI user accounts in the system. The default is 0, indicating that there is no maximum number of attempts, which effectively disables the automatic account lockout function.

Security administrators can use the --timeout option to specify the number of hours that a user account is locked before the account is automatically unlocked. This option applies to all CLI user accounts in the system. Valid values for the --timeout option range from 1 to 24. The default is 1: when an account is locked because the number of failed login attempts has reached the maximum defined by the --maxLoginAttempts option, the account remains locked for one hour and is then automatically unlocked. A security administrator can manually unlock the account before the timeout expires by submitting the chuser CLI command with the --unlock option, specifying the locked user ID.

Security administrators can use the --loginPromptDelay option to specify the delay between login prompts following a failed login attempt. The delay is specified in seconds, using a number from 0 to 9. The default delay is 4 seconds.
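To compare candidate values before applying them, the following added example (not IBM code and not part of the product) checks a proposed policy against the ranges documented above and estimates how many failed logins one account can receive per day under it. The class and function names are hypothetical, and the timing model is an assumption: failures are spaced by the prompt delay, the lock starts at the failure that reaches the maximum, and the failure counter restarts after automatic unlock.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class SessionPolicy:
    # Fields mirror the chsessionpolicy options; defaults are the documented ones.
    max_login_attempts: int = 0   # --maxLoginAttempts, 0 disables lockout
    timeout_hours: int = 1        # --timeout, valid values 1 to 24
    login_prompt_delay: int = 4   # --loginPromptDelay, valid values 0 to 9 seconds

    def __post_init__(self):
        if self.max_login_attempts < 0:
            raise ValueError("maxLoginAttempts must be 0 or greater")
        if not 1 <= self.timeout_hours <= 24:
            raise ValueError("timeout must be from 1 to 24 hours")
        if not 0 <= self.login_prompt_delay <= 9:
            raise ValueError("loginPromptDelay must be from 0 to 9 seconds")


def max_failed_logins(policy, window_seconds=86400):
    """Upper bound on failed logins against one account within the window.

    Assumed model (not stated by the product documentation): failures are
    spaced by the prompt delay, the lock begins at the failure that reaches
    the maximum, and the counter restarts after automatic unlock.
    """
    n, d = policy.max_login_attempts, policy.login_prompt_delay
    if n == 0:
        # Lockout disabled: only the prompt delay throttles attempts.
        return math.inf if d == 0 else math.ceil(window_seconds / d)
    # One cycle: n failures spaced d seconds apart, then the lock period.
    cycle = (n - 1) * d + policy.timeout_hours * 3600
    full_cycles, rest = divmod(window_seconds, cycle)
    if d == 0:
        partial = n if rest > 0 else 0
    else:
        partial = min(n, math.ceil(rest / d))
    return full_cycles * n + partial


if __name__ == "__main__":
    # Constructed sample policies: the defaults, then two stricter settings.
    for p in (SessionPolicy(), SessionPolicy(5, 1, 4), SessionPolicy(3, 24, 9)):
        print(p, "->", max_failed_logins(p), "failed logins per day at most")
```

Under this model the default policy, with lockout disabled, bounds failed logins only by the 4-second prompt delay, while any nonzero --maxLoginAttempts value reduces the daily bound by orders of magnitude.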

To specify a system when using the chsessionpolicy command, use the -c or --cluster option and specify either the system ID or the system name. If the -c and --cluster options are omitted, the default system, as defined by the setcluster command, is used.

See the chsessionpolicy command for complete usage information.