InformationThis only takes effect if Deny access after failed attempts is enabled. The number of failed login attempts that a user is allowed before being locked out. After making that many successive failed attempts, future attempts will fail. When one login attempt succeeds, counting of failed attempts stops, and the count is reset to zero.
Repeated failed login attempts could either be a valid user who has forgotten the password, or a malicious attempt to gain access to the system. For this reason, this setting should be as restrictive as possible to mitigate brute force attack attempts to discover a user's password.
SolutionRun the following command to set the deny-on-fail failures-allowed setting.
Hostname>set password-controls deny-on-fail failures-allowed 5
Navigate to User Management > Password Policy > Deny Access After Failed Login Attempts:
checked and set ' Maximum number of failed attempts allowed is set to' setting to 5 or fewer.