Block log in after X unsuccessful login attempts

For prevent CzechIdM from brute force attacks, you can use feature for block log in after X unsuccessful login attemps. The feature can be set only for default validation password policy.

After user exceed number in Maximum number of unsuccessful login attempts. User will be blocked for seconds (Login blocking time (seconds)). After block will be also send notification to the user with information about block (topic: loginBlocked). When user tries log in after block, block time isn't increased. The interval is still same. When blocking expires user can log in.

Information about block is show at user detail.

User was synchronized from system and doesn't has password in IdM, authentication is trough this system, will this feature work for it?

Yes. After user tries for first time log in to IdM it will be created empty password object for this user. To this object will be added information about unsuccessful login attempts.