The configuration in the device is protected against "brute-force attacks" by barring logins. A brute-force attack is the attempt by an unauthorized person to crack a password to gain access to a network, a computer or another device. To achieve this, a computer, for example, can go through all the possible combinations of letters and numbers until the right password is found.
As a measure of protection against such attacks, the maximum allowed number of unsuccessful login attempts can be set. If this limit is reached, access will be barred for a certain time.
The login lock only applies to the access path being used. The other access paths are still available.
Important: For technical reasons, SSH and Telnet can only be locked and unlocked together.
To configure the login lock, the following entries are available in the configuration tools:
- Activate lock after (number of login errors)
- Duration of the lock (lockout in minutes).
LANconfig: Management / Admin
Important: If you fill out the field Lock configuration after with the value "0", the login lock is deactivated.
WEBconfig: LCOS menu tree / Setup / Config
Important: The login lock has no function if RADIUS or TACACS are being used for authentication.
