User login session lockout and Password history

This is to inform you that we need following Password Polices in Application, as per our ITGC audit recommendation.

  • User Account should lock on unsuccessful login attempts. No. of attempts should be configurable.

To UNLOCK the account should be part of Admin rights.

  • In Password Policy we required not allowing last 3 used passwords.

  • Account lockout time 15 minutes in idle condition.


Avinash Singh

  • Avinash Singh
  • Jun 29 2023
  • Likely to implement
Note : Do not post a lengthy title for an Idea. Post your Idea clearly supported by Screenshots, Examples and Case Studies (if possible).