Configuration details | - Log in to the ESXi UI with root.
- Go to Host > Manage > System > Advanced Settings.
- Use the search field to search for security.
- Click Security.AccountLockFailures.
- Click Edit option, set the integer for maximum allowed wrong password attempts to 3, then click Save.
|
Verification steps | - Log out of ESXi and attempt to log in as a user with a bad password more than three times.
- Verify that the UI denies access with Invalid Credentials.
- Log back in as an Administrator.
- Observer that the user is Locked.
- Unlock the user.
- Log back in with the proper password to confirm that the UI allows login.
|
Helpful tips | As per the security standards, the lockout policy should be set to make sure the account is locked for bad password attempts. This is to avoid a Brute Force Attack. |