Is there a way to avoid a Brute Force Attack to lock all user accounts from my User Store?

Article Id: 52250

Status: Published

Updated On: 14-02-2018 06:58

Legacy Id: TEC506806

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

Description:

How to avoid a Brute Force Attack to lock all user accounts from my User Store?

Solution:

To stop a Brute Force Attack from the internet against your User Store, you have first to filter requests by IP's on:

Firewall
Reverse proxy

And you can avoid getting massive locked accounts by setting the Password Policy to re-enable the User's account after a period of time by the "Expiration" Tab of the Password Policy.

Environment:

Release:
Component: SMPLC