User Management Enhancements
Proposers
- Selvi Jayaraman (Tata Elxsi)
- Sandhya J S (Tata Elxsi)
- Ramesh Ramanathan (Tata Elxsi)
Description
User management enhancements:
- Locking User Account on exceeding failed login attempts: A user account will be locked after 3 consecutive failed login attempts. A user with the admin role will be able to unlock the locked user account.
- User Account Expiry: A new user account will be created with a default limit of 90 days. Once the user account has expired, OSM will force the user to renew the account on a login attempt. A user with the admin role will be able to renew the account.
- Login history: When a user logs in, the UI will show the last successful login (date and time) together with the count of wrong password attempts.
Denial of service attacks could lead to people being deliberately locked out of their accounts. To prevent these situations, these features will be optional and configurable in the appropriate modules. The number of attempts needed to lock an account could also be configurable, and the action taken could be different (send an e-mail to the user). The number of days before an account expires could also be configurable.
Demo or definition of done
UseCase 1: Locking User Account on exceeding failed login attempts:
Try to log in with an incorrect password more than 3 times (assuming that is the configured value); the user will then be locked. Only a user with admin privileges can unlock the locked user. In the admin user page, an unlock option will be visible for that user to perform the unlock action.
UseCase 2: Account expiry scenario
Once the user account has expired, only a user with admin privileges can renew the user. The admin user can renew the account for an additional 90 days. In the admin user page, a user renewal option will be visible for that user to perform the renew action.
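A minimal model of the lockout, expiry and login-history behaviour proposed above, as an added example that is not OSM code. The class, method and option names are hypothetical, and the credential check itself is passed in as `password_ok` so the sketch covers only the account state machine.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

@dataclass
class Account:
    expires_at: Optional[datetime]        # None: never expires
    failed: int = 0                       # wrong passwords since last successful login
    locked: bool = False
    last_login: Optional[datetime] = None

class UserManager:
    # Hypothetical option names; 0 switches the corresponding check off.
    def __init__(self, max_failed=3, expiry_days=90):
        self.max_failed, self.expiry_days, self.users = max_failed, expiry_days, {}

    def _expiry(self, now):
        return now + timedelta(days=self.expiry_days) if self.expiry_days else None

    def create(self, name, now):
        self.users[name] = Account(expires_at=self._expiry(now))

    def login(self, name, password_ok, now):
        """Return (status, previous successful login, wrong attempts since then)."""
        u = self.users[name]
        if u.locked:
            return ("locked", None, None)
        if not password_ok:
            u.failed += 1
            # Assumption: lock on the Nth consecutive failure (N = max_failed).
            u.locked = bool(self.max_failed) and u.failed >= self.max_failed
            return ("locked" if u.locked else "denied", None, None)
        if u.expires_at and now >= u.expires_at:
            return ("expired", None, None)    # reported only after a valid password
        shown = (u.last_login, u.failed)
        u.last_login, u.failed = now, 0
        return ("ok", *shown)

    def admin_action(self, actor_is_admin, name, action, now):
        if not actor_is_admin:
            raise PermissionError("admin role required")
        u = self.users[name]
        if action == "unlock":
            u.locked, u.failed = False, 0
        elif action == "renew":
            u.expires_at = self._expiry(now)  # assumption: counted from renewal time
        else:
            raise ValueError(action)
```

Constructing `UserManager(max_failed=0, expiry_days=0)` models a deployment where both features are switched off; failed attempts are still counted for the login history.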