Skip to content

Authentication attempts

Target Audience: Users, Developers, Stakeholders


As a security measure, we do not allow too many consecutive login attempts during a time-period. This is to prevent malicious users from "guessing" passwords.

How it works

If a user tries to login in enough times during a set period the account will be frozen. The user can then no longer try to login or use their account in any way.

An administrator can then unlock the account from the PAP. Or the user can wait for the account to be unlocked. The freeze period is around a day or two.

API support

Third-party implementors can use the Payway API to implement their interpretation.