This article covers our account lockout policies and procedure. For more information about this and other security settings, see our additional documentation.
Managing Account Lockouts
Note: the account lockout policies and procedure detailed here do not apply to SSO or SAML-based authentication.
After five failed login attempts, user accounts are temporarily locked out for 30 minutes and credentials cannot be reset using the Forgot Password?
button on the login screen. If no additional invalid login attempts are made, users can select Forgot Password?
to reset after thirty minutes.
If three more failed login attempts occur on the locked account, the lockout can be removed by an Org Admin or Account Admin, provided they have the necessary Edit permissions: Edit Org Users privilege to unlock users org-wide, or the Edit Account Users privilege to unlock users within that Admin's account.
If you are a privileged Org Admin or Account Admin and need to unlock a user within your organization, follow these steps:
- Access the Security page, and select the Accounts tab (see Accounts and Users for more information).
- From the Users section of the Accounts tab, find the locked user as indicated by the Lock column.
- Click the Edit icon, then click the key icon to unlock the user account.
Note: If an Org Admin user account is locked, the user must contact Customer Support.