Skip to main content

Lockout periods after failed login attempts

If you repeatedly enter an incorrect password or an incorrect code for two-factor authentication, oneclick™ temporarily locks further login attempts. Wait for the complete lockout period. After that, you can log in again.

Automatic unlock

Incorrect login attempts do not permanently lock your access. Wait for the displayed lockout period. After that, you can log in automatically again.

Lockout periods at a glance

SituationWhat happens?What do you need to do?
You enter an incorrect password five times.oneclick™ locks your login for 10 minutes.Wait for the displayed lockout period.
A total of 30 failed login attempts occur via your IP address.oneclick™ locks further login attempts for 15, 30, or a maximum of 60 minutes.Wait for the displayed lockout period.
You enter an incorrect 2FA code three times.oneclick™ logs you out.Restart the login process completely.

Incorrect password entered

After the first four incorrect password entries, you can try logging in again directly.

From the fifth failed attempt, oneclick™ locks your login for 10 minutes. The message during login shows the remaining wait time in seconds.

Wait for the complete lockout period. After that, you can log in automatically again.

Many failed attempts via the same IP address

oneclick™ additionally protects login if many incorrect login attempts occur via the same IP address. oneclick™ counts the failed attempts of all users who use this IP address.

After a total of 30 failed attempts, the following lockout periods apply:

  1. The first lockout lasts 15 minutes.
  2. The second lockout lasts 30 minutes.
  3. The third and any further lockout lasts 60 minutes.

60 minutes is the maximum lockout duration.

If you share a public IP address with other users, the lockout can also affect your login. This can occur, for example, in a corporate network or when using a shared VPN connection.

Wait for the displayed lockout period. After that, you can log in automatically again.

Incorrect 2FA code entered

After entering the correct password, you have three attempts to enter a valid two-factor authentication code.

After the third incorrect code, oneclick™ logs you out. Then restart the login process completely and enter your password and a valid 2FA code.

Login still not possible

  • First, wait for the complete displayed lockout period and then enter your credentials again.
  • If you no longer know your oneclick™ password, reset your password.
  • If you log in via LDAP or Active Directory and no longer know your password, contact your administrator.

If you still cannot log in after the lockout period expires, despite entering the correct credentials, contact your administrator.