diff options
Diffstat (limited to 'doc/security/unlock_user.md')
-rw-r--r-- | doc/security/unlock_user.md | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/doc/security/unlock_user.md b/doc/security/unlock_user.md index 279f466e106..e8215616e1b 100644 --- a/doc/security/unlock_user.md +++ b/doc/security/unlock_user.md @@ -7,14 +7,26 @@ type: howto # Locked users **(FREE SELF)** +## Self-managed users + Users are locked after ten failed sign-in attempts. These users remain locked: - For 10 minutes, after which time they are automatically unlocked. - Until an administrator unlocks them from the [Admin Area](../user/admin_area/index.md) or the command line in under 10 minutes. +## GitLab.com users + +If 2FA is not enabled users are locked after three failed sign-in attempts within 24 hours. These users remain locked until: + +- Their next successful sign-in, at which point they are sent an email with a six-digit unlock code and redirected to a verification page where they can unlock their account by entering the code. +- GitLab Support [manually unlock](https://about.gitlab.com/handbook/support/workflows/reinstating-blocked-accounts.html#manual-unlock) the account after account ownership is verified. + +If 2FA is enabled, users are locked after five failed sign-in attempts within 10 minutes. Accounts are unlocked automatically after 10 minutes. + ## Unlock a user from the Admin Area -1. On the top bar, select **Main menu > Admin**. +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. 1. On the left sidebar, select **Overview > Users**. 1. Use the search bar to find the locked user. 1. From the **User administration** dropdown list, select **Unlock**. |