Login App Security Settings
Introduction
Each Login App can have its own security settings for the Registration-as-a-Service (RaaS) feature. The available configurations are designed to follow the Data Security Standard from Payment Card Industry (PCI DSS).
The Security Settings page can be accessed directly from the Login App dashboard:
Repeated Access Attempts Configuration
Repeated Access Attempts defines whether the user will be locked after too many failed login attempts due to incorrect password.
- Limit controls how many incorrect login attempts are required to lock the user.
- Lockout controls the time interval for the lockout in minutes.
The user must have limit failed login attempts in a time window of lockout minutes to get locked. The user will then be locked for lockout minutes before he can try to login again.
Repeated Passwords Configuration
Repeated Passwords defines whether a new user password must be different from previously used ones. This setting applies to both user update and user reset password APIs.
- Limit controls how many previously used passwords are considered.