Target Audience: Users, Developers, Stakeholders
As a security measure, we do not allow too many consecutive login attempts during a time-period. This is to prevent malicious users from "guessing" passwords.
How it works¶
If a user tries to login in enough times during a set period the account will be frozen. The user can then no longer try to login or use their account in any way.
An administrator can then unlock the account from the PAP. Or the user can wait for the account to be unlocked. The freeze period is around a day or two.
Third-party implementors can use the Payway API to implement their interpretation.