E-SEC: Password Controls Invalid Logon Attempts Get Reset When Account is Locked
Last updated on FEBRUARY 10, 2014
Applies to:PeopleSoft Enterprise PT PeopleTools - Version 8.2 and later
Information in this document applies to any platform.
***Checked for relevance on 27-11-2012***
If a customer has set the system up to lock an account after 3 invalid attempts, through password controls, the account gets locked but the invalid logon attempts number will be reset to zero if the user types in their correct password even though the account is locked. By doing this the audit behind why a person is locked is removed. Customers need the failed logins to be retained and only reset if the account is not locked out or unless the account is unlocked. This will them check to see if accounts are attempted to be hacked.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms