2.9.2.13. maxFailedAuthentications

The maxFailedAuthenticationsSync plugin enables to manage the OTP connections.

It is in charge of verifying that a user has not tried to authenticate a certain number of times using a wrong OTP code. In case of exceeding a maximum number of attempts, that user will be blocked for a period of time and a new OTP code will be generated.

To configure the plugin, two fields must be configured:

• Period of time in which no more than a maximum number of authentication attempts can be made (in seconds): Period of time in which no more than the maximum number of authentication attempts can occur or the user will be blocked.

• Maximum number of authentication attempts in the same period of time: The maximum number of attempts permitted for each user.