InformationAllow access again after a user has been locked out (due to failed login attempts). The user is allowed access after the configured time if there have been no login attempts during that time). This setting only takes effect if Deny access after failed login attempts is selected.
Users can accidentally lock themselves out of their accounts if they mistype their password multiple times. To reduce the chance of such accidental lockouts, the Allow access again after time setting determines the number of seconds that must elapse before the counter that tracks failed logon attempts and triggers lockouts is reset to 0.
SolutionRun the following command to set the deny-on-fail allow-afte setting.
Hostname> set password-controls deny-on-fail allow-after 300
Navigate to User Management > Password Policy > Deny Access After Failed Login Attempts:
Set the 'Allow access again after time' setting to 300 or more seconds.
1200 (20 minutes)
Looking for input regarding a value for this recommendation.