Question

2
Replies
15
Views
CloeW938 Member since 2018 143 posts
IT Solution Service
Posted: October 27, 2020
Last activity: October 28, 2020
Solved

Lockout penalty vs account lock

In general, which is supposed to be more secure solution, lockout penalty or account lock?

As far as I know, most of software I know of has account lock function, but I have never seen "penalty" solution except for Pega. I feel it is kind of unusual solution because it does not really "lock" it, but will be recovered by itself just by waiting a certain amount of time (8 sec => 16 sec => 32 sec => 64 sec...). Is this more modern solution? Does this have anything to do with brute force attack? If anyone knows the background of why this solution was introduced in Pega Platform, please explain.

 

Thanks,

Pega Platform 8.4.1
Share this page LinkedIn