Credentials are not locked in VIP Manager after multiple authentication failures that exceed the Maximum Validation Failures limit configured under Credential Security Settings.
In the VIP Enterprise Gateway (EG) logs, the return error is:
reason=12, text=Access DENIED 0x6009: Authentication failed.
The expected behavior is that the token is locked after exceeding the Maximum Validation Failures setting value. The return code should be:
reason=16, text=Access DENIED 0x4994: Operation not allowed in current state of credential.
Error Detail: Operation not allowed on a locked token.
Invalid/non-numeric data is entered in place of the One Time Password (OTP).
A token will lock in VIP Manager if authentication failures meet the value matching Maximum Validation Failures limit value in VIP Manager. However, this only applies when numeric values (0-9) are entered for the OTP by the end-user. If the OTP is not a 6-digit numeric value, the attempt to validate the OTP against the credential ID is rejected by the VIP Cloud, and the failed attempt value for that credential ID does not increment.