3.1.10.2.15. maxFailedAuthentications

The maxFailedAuthentications plugin provides the ability to manage OTP connections.

It is in charge of verifying that a user has not tried to authenticate a certain number of times using a wrong OTP code. In case of exceeding a maximum number of attempts, that user will be blocked for a period of time and a new OTP code will be generated.

The following fields must be configured to set up the plugin:

• Period of time in which no more than a maximum number of authentication attempts can be made (in seconds): Period of time in which no more than the maximum number of authentication attempts can occur or the user will be blocked.

• Maximum number of authentication attempts in the same period of time: The maximum number of attempts permitted for each user.