setloginlockout(8)
System Administration 233
NAME setloginlockout - enable or disable login lockout feature
SYNOPSIS setloginlockout -s time
setloginlockout -h
DESCRIPTION The setloginlockout(8) command sets the amount of time, in minutes, that
users are prevented from logging into their accounts after the third unsuccessful
login attempt.
Privileges You m ust h ave useradm privileges to run this command.
Refer to setprivileges(8) for more information.
OPTIONS The following options are supported:
EXTENDED
DESCRIPTION
When login lockout is set, a user is allowed three consecutive attempts to log in. An
attempt to log in is defined as typing the user name at the login prompt and
pressing the Return key, even if no password is entered or the login attempt times
out. After the third consecutive failed attempt, the system prevents further tries for
the set amount of time. During lockout, the system allows entry of the login name
and asks for a password. But it rejects every further attempt, even if the password
entered is valid. Failed attempts during lockout do not extend the lockout time.
setloginlockout -s 0 disables the account lockout. When the account lockout is
disabled, a user can attempt to log in and fail an unlimited number of times.
If account lockout is disabled then re-enabled, locked-out users are able to try again
between those two events. But locked-out users who do not retry until after the
feature is re-enabled see no change, and remain locked out as if the disabling and
renabling did not occur. The lockout time for such users is not changed.
EXAMPLES EXAMPLE 1 Sets the lockout timeout time to 90 minutes.
-h Displays usage statement. When used with other options or
operands, an error occurs.
-s time Specifies the account lockout time, in minutes, using a number
ranging from 0 to 1440 (24 hours). The default value, which
disables the lockout, is 0 minutes.
XSCF> setloginlockout -s 90
90 minutes