https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20040 Bug ID: 20040 Summary: FailedLoginAttempts syspref will lock out users so that they cannot log in unless the syspref is cleared Change sponsored?: --- Product: Koha Version: 17.05 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Authentication Assignee: koha-bugs@lists.koha-community.org Reporter: barton@bywatersolutions.com QA Contact: testopia@bugs.koha-community.org CC: dpavlin@rot13.org I think that the FailedLoginAttempts system preference is only meant to be set ifNorwegianPatronDBEnable is set to 'Enable'; my testing is all done with ifNorwegianPatronDBEnable set to 'Disable'. What's happening: Setting FailedLoginAttempts, then logging in with incorrect credentials will lock the account. The login screen says that the account is locked, and no further attempts to log in will work. It is entirely unclear how to unlock the account -- resetting the password does not work, and the lock is not set via borrower debarments, so it can't be disabled there. The only way I was able to re-enable logins for a locked patron was to blank out FailedLoginAttempts. If this is only meant to be used in conjunction with ifNorwegianPatronDBEnable, it shouldn't be settable unless that is enabled. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.