Configuring account lockout
allows an administrator to change the default account lockout configurations.
settings_local.py file.- AXES_FAILURE_LIMIT
-
Specifies the number of failed login attempts after which the user is locked out.
The limit definition uses the following formula:
AXES_FAILURE_LIMIT = Number of failed attempts * 2 - AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP
-
Specifies the account lockout settings based on a combination of failed login attempts and IP address. The default ruevalue is 'True'.
If the flag is set to
True, the user cannot login using the same IP address after exceeding login attempts specified in theAXES_FAILURE_LIMIT. However, other users can login using the same IP address.If the flag is set to
False, the user cannot login using the same IP address after exceeding login attempts specified in theAXES_FAILURE_LIMIT. In this case, other users are also not able to login using the same IP address.To lock the user based on a combination of failed login attempts and IP address, enter the the following command syntax:AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP = <True> - AXES_COOLOFF_TIME
-
An integer that specifies the number of hours after lockout that the user must wait before being able to login again. The default value is '0.33 hours' (20 mins.)
To specify a wait time before user can login again after failed attempts, enter the the following command syntax:AXES_COOLOFF_TIME = <Number of Hours>
