gitlab.com/gitlab-org/gitlab-foss.git
Diffstat (limited to 'doc/security/unlock_user.md')
-rw-r--r-- doc/security/unlock_user.md 15
1 files changed, 12 insertions, 3 deletions
diff --git a/doc/security/unlock_user.md b/doc/security/unlock_user.md
index b2c8624b057..fe10274ce5a 100644
--- a/doc/security/unlock_user.md
+++ b/doc/security/unlock_user.md
@@ -1,6 +1,6 @@
---
stage: Govern
-group: Authentication and Authorization
+group: Authentication
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments
type: howto
---
@@ -9,11 +9,20 @@ type: howto
## Self-managed users
-Users are locked after ten failed sign-in attempts. These users remain locked:
+> Configurable locked user policy [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27048) in GitLab 16.5.
+
+By default, users are locked after 10 failed sign-in attempts. These users remain locked:
- For 10 minutes, after which time they are automatically unlocked.
- Until an administrator unlocks them from the [Admin Area](../administration/admin_area.md) or the command line in under 10 minutes.
+In GitLab 16.5 and later, administrators can [use the API](../api/settings.md#list-of-settings-that-can-be-accessed-via-api-calls) to configure:
+
+- The number of failed sign-in attempts that locks a user.
+- The time period in minutes that the locked user is locked for, after the maximum number of failed sign-in attempts is reached.
+
+For example, an administrator can configure that five failed sign-in attempts locks a user, and that user will be locked for 60 minutes.
+
## GitLab.com users
If 2FA is not enabled users are locked after three failed sign-in attempts within 24 hours. These users remain locked until:
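Review bot: The two unchanged bullets under "These users remain locked:" still hard-code the period ("For 10 minutes, after which time they are automatically unlocked." and "in under 10 minutes"), which now conflicts with the new "By default" intro and the configurable lock period added below them. Suggest rewording both to refer to the configured period, with 10 minutes stated as the default. The new paragraph also links only to the general settings list without naming the two settings an administrator has to change, so a reader has to search that table; naming the setting keys inline would make the page actionable. Minor: in the example sentence, "five failed sign-in attempts locks a user" should read "lock a user".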
@@ -21,7 +30,7 @@ If 2FA is not enabled users are locked after three failed sign-in attempts withi
- Their next successful sign-in, at which point they are sent an email with a six-digit unlock code and redirected to a verification page where they can unlock their account by entering the code.
- GitLab Support [manually unlock](https://about.gitlab.com/handbook/support/workflows/reinstating-blocked-accounts.html#manual-unlock) the account after account ownership is verified.
-If 2FA is enabled, users are locked after five failed sign-in attempts within 10 minutes. Accounts are unlocked automatically after 10 minutes.
+If 2FA is enabled, users are locked after three failed sign-in attempts. Accounts are unlocked automatically after 30 minutes.
## Unlock a user from the Admin Area
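Review bot: The replacement line for 2FA-enabled users drops the time window: the old text said "five failed sign-in attempts within 10 minutes", the new text says only "three failed sign-in attempts", while the non-2FA sentence above keeps "within 24 hours". State the counting window for the 2FA case explicitly (or say that failed attempts accumulate until a successful sign-in) so the two cases can be compared. This is also a behavior change for GitLab.com (threshold 5 to 3, unlock time 10 to 30 minutes) in a change whose version note and other additions are about the configurable policy for self-managed instances; it deserves its own mention in the commit description or a separate change so it is not overlooked.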