My Oracle Support Banner

OTP Security Hardening (Doc ID 3015441.1)

Last updated on JUNE 20, 2024

Applies to:

Oracle Access Manager - Version 12.2.1.4.230106 and later
Information in this document applies to any platform.

Goal

 Objective is to cover scenario when end-user may try to authenticate with OTP and user account in LDAP is already locked

as per "34.2 Working with the Adaptive Authentication Service" section,  user guide "Administering Oracle Access Management Release 12.2.1.4", Second Factor Authentication page may have the following options:
- OTP from Oracle Mobile Authenticator
- OTP through SMS
- OTP through Email
- Access Request Notification from Oracle Mobile Authenticator

You can lock the user after a fixed number of invalid attempts to login using incorrect PIN, during Second Factor Authentication.
The number of invalid attempts, is based on the value specified in MaxAttempts configured in Adaptive Authentication plugin on the OAM Console.
When user provides incorrect PIN for more than configured MaxAttempts, user account is locked using OAM password schema attributes.

  refer to "34.4.4 Enabling User Lockout During the Multi Factor Authentication Flow" section,user guide "Administering Oracle Access Management Release 12.2.1.4"

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.