Check_MK Werk 7090: Automatically lock users after 10 subsequent logon failures

ID: 7090 Title: Automatically lock users after 10 subsequent logon failures Component: Multisite Level: 1 Class: Security fix Version: 1.6.0i1 Sites created with Check_MK 1.6 will be configured to automatically lock user accounts that fail to log in 10 times in a row. Existing sites will not be affected by this change. Check_MK already had the option to configure this feature for a long time. It can be customized using the global setting "Lock user accounts after N logon failures". If you have configured this in your setup, your setting is left untouched. To unlock automatically locked users, you need to login as administrative user and disable the option "Disable password" for this user. In case your administrative account was locked out, you will have to reset the password of your account (using <tt>htpasswd -m ~/etc/htpasswd [user-id]</tt>).