For security purposes, SmarterMail limits the number of times a user can attempt to log in without success. By default, users are temporarily locked out of their account after 10 failed login attempts and will remain locked out for five minutes. System administrators can alter these settings by editing the web.config file.
Follow these steps to edit these settings:
- Open the web.config file in Notepad. By default, this file can be found in C:\Program Files\SmarterTools\SmarterMail\MRS.
- To edit the number of attempts before block, look for this line of code:
<add key="ForgotPassword.BruteForceDetection.TriesBeforeBlock" value="10"/>
- Edit the value to reflect the number of failed attempts the user can make before the block is implemented.
- To edit the block time, look for this line of code:
<add key="Login.BruteForceDetection.BlockTime" value="5"/>
- Edit the value to reflect the amount of time, in minutes, that the block is maintained.