Beginning June 1, 2017, OIT will begin locking Rice accounts after ten consecutive failed login attempts on OIT managed systems in order to reduce brute force attacks on NetID passwords. Two independent authentication systems will have this protection:
- Active Directory
- RiceNet Wireless
- Rice Exchange Mail
- Workstation/Kiosk Logins (Windows, Mac)
- LDAP / Kerberos / Web Single Sign-On
- Rice Campus Mail
- Rice Authenticated Web Sites (Canvas, Box, Subversion, Webmail, etc)
- Server/Desktop Logins (Linux)
Preventing Auto-lockout
Auto-lockout is commonly triggered by saved old passwords in an application or device, like WiFi, Email, iOS/Android keychains, and cached credentials in browsers. Once it occurs, it affects access to everything within an authentication system. Students can prevent unexpected lockouts when changing passwords by forgetting wireless networks and keeping track of which devices have saved passwords or are logged into certain accounts.
For more information on this, please see the KB article on the Rice Knowledgebase website.