[[PageOutline(2-5,content)]]

= Cookbook: AccountManagerPlugin configuration =
commented sample configurations for common and special use cases

We'll collect some useful configuration examples here to give hints on proper use of available options.

== Basic configuration/Kickstart ==


== Advanced configurations ==
=== Account Locking ===
 * new feature, development code will be in `trunk` soon
 * available options (displayed with default values here):
{{{
login_attempt_max_count = 0
user_lock_time = 0
user_lock_max_time = 86400
user_lock_time_progression = 1
}}}

==== Hard Lock-up ====
{{{
login_attempt_max_count = 5
user_lock_time = 0
}}}
will have following effect:
 * lock account after 5 successive failed login attempts
 * no lock expiration, so release strictly requires administrator interaction

==== Fixed login delay ====
{{{
login_attempt_max_count = 3
user_lock_time = 30
}}}
will have following effect:
 * lock account after 3 successive failed login attempts
 * timed account locked release 30 seconds after last failed login attempt
 * fixed delay time regardless of number of successive failed login attempts

==== Modestly progressing login delay ====
{{{
login_attempt_max_count = 2
user_lock_time = 15
user_lock_max_time = 0
user_lock_time_progression = 2
}}}
will have following effect:
 * first account lock after 2 successive failed login attempts
 * timed account locked release after a time, that depends on failed login attempt history like so:

Tab.: lock time progression (factor 2)
||attempt count ||delay time in seconds ^[1]^||
||0 ||0
||1 ||1 s ||
||2 ||15 s ||
||3 ||30 s ||
||4 ||60 s ||
||5 ||2 min ||
||6 ||4 min ||
||7 ||8 min ||
||8 ||16 min ||
||9 ||32 min ||
||10 ||1h 4 min ||
||.. ||.. ||
||18 ||1 d 12 h 25 min||
||.. ||.. ||
||26 ||1 a 23 d ||
||.. ||.. ||
^[1]^ time after previous failed login attempt

==== Aggressively progressing, but limited login delay ====
{{{
login_attempt_max_count = 4
user_lock_time = 10
user_lock_max_time = 86400
user_lock_time_progression = 5
}}}
will have following effect:
 * first account lock after 4 successive failed login attempts
 * timed account locked release after a time, that depends on failed login attempt history and is limited to max. 24 hours like so:

Tab.: lock time progression (factor 2)
||attempt count ||delay time in seconds ||
||0 ||0 ||
||1 ||10 s ||
||2 ||25 s ||
||3 ||2 min 5 s ||
||4 ||10 min 25 s ||
||5 ||4 h 20 min ||
||6 ||21 h 42 min ||
||7 ||24 h ^[2]^||
||8 ||24 h ||
||9 ||24 h ||
||.. ||.. ||

^[2]^ limit kicking in here and an any further attempt