authelia/docs/configuration/regulation.md

62 lines
1.5 KiB
Markdown
Raw Normal View History

---
layout: default
title: Regulation
parent: Configuration
nav_order: 7
---
# Regulation
**Authelia** can temporarily ban accounts when there are too many
authentication attempts. This helps prevent brute-force attacks.
## Configuration
```yaml
regulation:
max_retries: 3
find_time: 2m
ban_time: 5m
```
## Options
### max_retries
<div markdown="1">
type: integer
{: .label .label-config .label-purple }
default: 3
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
</div>
The number of failed login attempts before a user may be banned. Setting this option to 0 disables regulation entirely.
### find_time
<div markdown="1">
type: string (duration)
{: .label .label-config .label-purple }
default: 2m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
</div>
The period of time in [duration notation format](index.md#duration-notation-format) analyzed for failed attempts. For
example if you set `max_retries` to 3 and `find_time` to `2m` this means the user must have 3 failed logins in
2 minutes.
### ban_time
<div markdown="1">
type: string (duration)
{: .label .label-config .label-purple }
default: 5m
{: .label .label-config .label-blue }
required: no
{: .label .label-config .label-green }
</div>
The period of time in [duration notation format](index.md#duration-notation-format) the user is banned for after meeting
the `max_retries` and `find_time` configuration. After this duration the account will be able to login again.