Authentication Failure Lockout

This section describes how to set up a PC lockout based on the number of failed authentication attempts during PC logon.

Operation Procedure

Select Authentication Service > Group Policy from the menu.

  1. Click the policy you want to configure from the group policy list.
    Group policy
  2. Click the “Authentication Failure Lockout” setting icon in the logon section of the Two-Factor Authentication Settings to change the setting.
    Authentication Failure Lockout
    If set to Enable, you can change the “Auto Unlock” setting. Click on the Settings icon to change the setting.
    Authentication Failure Lockout
  3. Click the “Update” button.
  4. Click “OK” on the confirmation message.

Set value

Authentication failure lockout

  • Disable
    Do not lock the PC in case of authentication failure.
  • Enable
    The PC will be locked when the authentication fails a specified number of times.
    Set value : times
    Specifies the number of authentication failures.

    About counting authentication failures
    The following cases will be counted as authentication failure.
    User name input error
    Failed to confirm user PIN input
    Windows password input error
    The authenticator used is not the one used at the time of registration
    Authentication fails for smartphone operations

    About PIN input failure
    If you fail to enter the PIN three times in a row, the authenticator will temporarily lock the PIN.
    The temporary PIN lock can be released by removing the authenticator once.
    If you fail to enter the PIN a total of eight times in a row, the authenticator itself will be locked.
    If this happens, you will need to reset the authenticator itself. (At that time, the authentication information will also be reset, so you will need to re-register.
    For information on how to reset the authenticator, please refer to the manual for your authenticator or operating system.

    Failure of biometric authentication such as fingerprint
    If the biometric authentication fails three times, the system will switch to PIN authentication.
    Also, some biometric authenticators from some vendors are designed to lock after a certain number of failures.
    For the specifications of each authenticator, please refer to the manual of the authenticator you are using.


auto-unlock

  • Disable
    The PC lockout status will not be released until you manually release it.
  • Enable
    Automatically unlocks the PC after the specified time has elapsed.
    Set value: minutes
    Specify the time to automatically unlock the PC.