To configure CA Identity Manager to lock the Forgotten Password Reset or Forgotten User ID task after failed verification attempts:
Verification page attempt limit--The number of times a user can attempt to answer the questions on a page.
If only one question appears per page, the Verification page attempt limit is the number of times a user can try to answer that question.
Note: Specify 0 for the options that do not apply.
If a user exceeds any of the specified criteria, CA Identity Manager records a verification failure.
CA Identity Manager locks the user out of the task, and optionally disables the user’s account, if the user attempts to verify his identity when the Failed Attempt Limit has been reached. For example, if the failed attempt limit is 3, the user is locked and disabled on the third failed attempt.
You can specify minutes, hours, and days. To indicate that a particular limit does not apply, enter 0.
Note: The attribute you specify must be defined in the directory configuration file (directory.xml) for the CA Identity Manager environment.
Copyright © 2015 CA Technologies.
All rights reserved.