General settings

CAPTCHA settings

Enabling CAPTCHA image on the login page protects against bot-based brute-force attacks. Users must enter the text shown in the CAPTCHA image (or for the audio played) in order to log in to the product.

To configure CAPTCHA for logins,

  1. Log in to RecoveryManager Plus as an administrator.
  2. Navigate to Delegation tab → Configuration → Logon Settings → General.
  3. Under CAPTCHA Settings, mark the checkbox against Enable CAPTCHA on login page.
  4. RecoveryManager Plus provides two options to display CAPTCHA.
    • Select Always show CAPTCHA to display CAPTCHA every time someone tries to login to the product.
    • Select Show CAPTCHA after invalid login attempts to enable captcha only after a certain number of invalid login attempts. Enter the number of invalid login attempts allowed and the time (in minutes) that must pass before the invalid login counter is reset.
  5. Select Enable Audio CAPTCHA to offer CAPTCHA for visually impaired users. When this option is selected, only numeric values will be used for CAPTCHA. If the browser you use does not support audio CAPTCHA, the usual CAPTCHA (a combination of alphabets and numbers) will be displayed.
  6. Click Save.

Block Users settings

This feature allows you to temporarily prevent technicians from logging in to RecoveryManager Plus after a specified number of failed logon attempts within a certain period.

To create a criteria for blocking users,

  1. Log in to RecoveryManager Plus as an administrator.
  2. Navigate to Delegation tab → Configuration → Logon Settings → General.
  3. Under Block User Settings, mark the checkbox against Block user after invalid login attempts.
  4. In the Invalid attempts limit field, enter the maximum number of consecutive bad logons that you wish to permit. Enter the duration within which the specified number of bad login attempts must happen to trigger user blocking in the Within field.
  5. Specify the time for which the user account must remain blocked in the Block user for field.

    6. Note: Please refer to the table below to know the cases in which the Domain's account lockout policy will apply instead of the settings configured in the Block Users settings.

    Block Users Settings Condition Domain Account Lockout Policy Which would be applied
    No. of invalid attempts greater than Account Lockout Threshold Domain policy
    Within field's value greater than Reset account lock out counter Domain policy
    Block duration lesser than Account lockout duration Domain policy
  6. Click Save.
Navigate to next Previous Topic Next Topic Navigate to next

Copyright © 2023, ZOHO Corp. All Rights Reserved.