Blackboard Learn 9.1 Q4 2019
Too many failed attempts to log in to a user account could be a security risk. In this release, if Blackboard Learn is involved in the authentication process (default authentication type or LDAP), administrators can decide when Learn locks user accounts to protect them from unauthorized access.
By default, Learn will lock user accounts after 5 failed login attempts. Administrators can disable the feature or edit its limits in the Administrator Panel > Security > Account Lock Settings. Administrators can decide the maximum failed attempts allowed within a specified period. They can also choose how long accounts remain locked and whether accounts unlock automatically if users reset their passwords.
For security reasons, Blackboard recommends enabling Authentication Lockout any time the default authentication type is enabled since it is often used for fallback administrator accounts in scenarios where the authentication service isn’t available. Administrators can confirm enabled authentication types in the Administrator Panel > Integrations > Authentication.