By Greg Keller Posted July 13, 2015
New to JumpCloud’s Password Settings (found in Settings> Security) are two new capabilities related to use-cases which will force user accounts to be locked out. Both of these are based upon conditions…one being a ‘grace period’ allotted to those who have been prompted to change their password and have not yet complied, and the second, failed login attempt lockout, will disallow a user to gain access to their machine. Deeper explanations follow below…
Password Grace Period (see ‘a.’ below) – Administrators may set an arbitrary date to enforce that all users must update their passwords. When set, JumpCloud will begin from 7 days out reminding and directing the user to update their password. Failure to comply will result in their account being locked. Date and times when set are at the administrators local time, and will trigger at exactly that time regardless of location globally (e.g. setting for 1:00PM MST will result in 7PM GMT execution globally).
b. Failed System Login Attempt Lockout (see ‘b.’ below) – Administrators can prescribe the number of failed login attempts on a Windows or Linux system (Mac OS X coming soon) managed by JumpCloud before the account on the system is locked and must be re-set by an administrator. Note that lockout will occur on any systems the user’s account has been deployed to – not just the system where the failed logins occurred on. The employee’s Console access (where they can gain access to re-set their own password if required) will remain unaffected.