Purpose: This document discusses the error messages that you could receive when trying to log in.
Failed Logins
There are several reasons why a user might not be able to login to the application:
- Invalid user name/password/domain combination
- Deactivated account
- Denied login permission
Invalid UserName/Password/Domain Combination
The following notifications and effects can occur as a result of an invalid entry of the Username, Password, or Domain:
- Invalid Credentials - When an invalid user name/password/domain combination is supplied, the user will receive a message similar to the one shown below indicating that the credentials they provided could not be authenticated.
- Login Form Retry Delay - In addition to the above message, the login form will also be disabled for a period of time specified by the password input interval in the global preferences. A label on the login form will display the amount of time that the user must wait before they will be allowed to attempt another login. This security measure is in place to help prevent “brute force” password attacks where the attacker tries to guess the password by repeatedly entering passwords until the guess one that allows him/her to log into the application.
- Maximum Logins - When a password for a username has been entered improperly too many times (specified by the max invalid login attempts global preference), the account will be disabled, and the user will receive a message indicating so.
Deactivated Account
The following message will occur as a result of a deactivated account:
- Deactivated Account - When an account has been deactivated, the account is no longer permitted access to login to the application. If a login for the deactivated account is attempted, the user will be shown a message indicating that they cannot login to the application as a result of account deactivation.
Denied Login Permission
The following message will occur as a result of denied login permissions:
- Denied Login Permission - The permission required to login to the application can be set through the MicroFour.StrataFrame.Security.Login.LoginSecurityKey property. If this permission is denied to a user (generally through a restriction set), then user will be notified that he/she is not allowed to login to the application at this time and workstation.
