March 1, 2021

Disable Account Lockout After Excessive Login Failures in Open edX

Activities, Android Developer, Ansible, Apache2, Atlassian, Ayo Belajar Linux, Bestpath Network, BLC Telkom Klaten, BSD, Caddy Server, Case Study, Cisco, Cisco Indonesia, Cloud Computing, Cockpit, Custom Weapons, Docker, E-Learning, Engenius, Error, FreeBSD, FreeBSD Indonesia, Komunitas Pengguna Linux Indonesia, KPLI Bulukumba, KPLI Klaten, Lets Encrypt, Linux, MacOS, Microsoft Azure, Microsoft SQL Server, MikroTik, MikroTik Indonesia, MySQL, Nginx, Open edX, OpenSID, Others, PHP, phpMyAdmin, PostgreSQL, Proxmox, Python, Redash, Sendy, SSH, Stories, Subnetting, TP-Link, Ubiquiti, Unix, Virtualization, Windows, X-Mosque, Faizar Septiawan, Icar, siBunglonGanteng, Orang Ganteng, siBunglonLabs, Programmer, SysAdmin, Site Reliability Engineer, Developer, Palugada, Makassar, Ganteng, Gila, Cyclist, Panglima, Setan, Panglima Setan, sibunglon, Ganteng

Account lockout feature will be track the number of failed login attempts. If the number of consecutive failed login reaches a configurable threshold (default 5), user account will be “locked”

By default, account lockout is enabled, but the feature is configurable via a FEATURES flag.

Configure:

Open and edit lms.env.json file using your favorite editor. Then find the "FEATURES" configuration, add ENABLE_MAX_FAILED_LOGIN_ATTEMPTS into "FEATURES" array and set to false. See the following codes snippet:

    "FEATURES": {
        ...
        "ENABLE_MAX_FAILED_LOGIN_ATTEMPTS": false,
        ...
    },

Restart LMS service.