Temporarily Block Web Users for Failed Login Attempts

Print Friendly and PDF Follow

In ILLiad 9.1, the capability to temporarily block a web user after a configurable number of failed login attempts was added. If the UsingUserLockout Customization Key is enabled, Borrowing patrons will be locked out after failing a number of login attempts on the web; which is determined by the UserLoginAttemptsBeforeLock Customization Key. Successfully logging in before they are locked out will reset their FailedLoginCount to 0 for future sessions. Once a user is locked out, they will have to contact library staff to unlock their account and Reset the Password on the user form in the ILLiad client. A status line can be added using the SLUserLockedOut key to notify the patron when their account has been locked.
 
Setting the UserLoginAttemptsBeforeLock customization key to a value of 0 or lower will not disable the feature, but instead lock the user after a single failed attempt. If you want to disable this feature, you can either set the UsingUserLockout customization key to No or set the UserLoginAttemptsBeforeLock customization key to an extremely high number (not recommended).

Unlocking the User's Account

Staff can unlock the user's account by opening the patron record and clicking the Web Login Unlocked button on the ribbon. This will not reset their password. If they don't remember their password, click the change user password button to create a temporary password.

If a user is locked out, the button will match the client's skin color. If the patron is not locked out, then the button will be grayed out.

WebLoginUnlockedButton.jpg

Questions?

If this article didn’t resolve your issue, please take a moment and answer a few questions to help improve our documentation:

Feedback