User lockout feature: login message described incorrectly

Currently Ignition has a lockout function, which is good, but when a user's attempts exceed the configured setting, Ignition displays “Login Failed, please retry” instead of “Account has been locked out”. Besides that, account lockouts are not captured in the audit log.


Proper login failure messages always look the same, regardless of the reason, as reporting a lockout gives a hacker (automated or not) a clue that the username itself was valid. So that is deliberate (I presume).

An automated attack can flood a system’s logs, so leaving it out of the audit might have been deliberate, too. It might make sense for that to be configurable. Consider making a request on ideas.inductiveautomation.com.


There will be a (rate-limited) logged message from each UserSource.$type logger upon locked out login attempts. As Phil surmised, we deliberately do not return any information to the frontend about why the login attempt failed.

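The behaviour the two replies above describe, one failure message for every cause (wrong password, unknown user, or locked account) plus a rate-limited audit entry for attempts against a locked account, as an added example. This is not Ignition's code and not part of anyone's post in this thread; the threshold, lockout duration, log interval, event names, the `LoginService` class and the sample user are all assumptions made for the illustration.

```python
import hashlib
import hmac
import time
from collections import defaultdict

MAX_ATTEMPTS = 3           # hypothetical lockout threshold
LOCKOUT_SECONDS = 600      # hypothetical lockout duration
LOG_INTERVAL_SECONDS = 60  # hypothetical rate limit for "locked-out attempt" audit entries

# One message for every failure: wrong password, unknown user, or locked account,
# so the response never reveals whether the username exists.
GENERIC_FAILURE = "Login Failed, please retry"


def _digest(password):
    # Constructed sample hashing; a real system would use a slow KDF with a salt.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


# Digest of a dummy value so an unknown username still costs one comparison.
_DUMMY_DIGEST = _digest("not-a-real-password")


class LoginService:
    def __init__(self, users, now=time.time):
        # users: username -> sha256 hex digest (constructed sample data)
        self.users = users
        self.now = now                    # injectable clock for testing
        self.failures = defaultdict(int)  # consecutive failures per username
        self.locked_until = {}            # username -> unlock timestamp
        self.audit = []                   # (timestamp, event, username)
        self._last_lockout_log = {}       # username -> last LOCKED_OUT_ATTEMPT log time

    def _audit(self, event, username):
        self.audit.append((self.now(), event, username))

    def _audit_locked_attempt(self, username):
        # Rate-limited: at most one entry per username per LOG_INTERVAL_SECONDS,
        # so a flood of attempts against a locked account cannot flood the log.
        t = self.now()
        last = self._last_lockout_log.get(username)
        if last is not None and t - last < LOG_INTERVAL_SECONDS:
            return
        self._last_lockout_log[username] = t
        self._audit("LOCKED_OUT_ATTEMPT", username)

    def login(self, username, password):
        t = self.now()
        until = self.locked_until.get(username)
        if until is not None and t < until:
            self._audit_locked_attempt(username)
            return False, GENERIC_FAILURE  # same text as any other failure
        expected = self.users.get(username, _DUMMY_DIGEST)
        # compare_digest runs in constant time; the membership check is done after it
        # so unknown and known usernames take the same code path through the comparison.
        ok = hmac.compare_digest(expected, _digest(password)) and username in self.users
        if ok:
            self.failures.pop(username, None)
            self.locked_until.pop(username, None)
            self._audit("LOGIN_SUCCESS", username)
            return True, "ok"
        self.failures[username] += 1
        self._audit("LOGIN_FAILURE", username)
        if self.failures[username] >= MAX_ATTEMPTS:
            self.failures.pop(username, None)
            self.locked_until[username] = t + LOCKOUT_SECONDS
            self._audit("ACCOUNT_LOCKED", username)  # captured in the audit trail
        return False, GENERIC_FAILURE


def demo():
    # Constructed walk-through with a fake clock; returns the messages shown to the
    # user and the audit trail so both can be inspected.
    clock = [1000.0]
    svc = LoginService({"alice": _digest("correct horse")}, now=lambda: clock[0])
    results = []
    for pw in ("wrong1", "wrong2", "wrong3"):                # three bad passwords -> lockout
        results.append(svc.login("alice", pw)[1])
    results.append(svc.login("alice", "correct horse")[1])  # right password, but locked
    results.append(svc.login("nobody", "x")[1])             # unknown user, same message
    for _ in range(5):                                      # flood while locked
        svc.login("alice", "wrong")
    clock[0] += LOCKOUT_SECONDS + 1                         # lockout expires
    results.append(svc.login("alice", "correct horse")[1])
    return results, svc.audit


if __name__ == "__main__":
    messages, trail = demo()
    for m in messages:
        print("user sees:", m)
    for ts, event, user in trail:
        print("audit:", ts, event, user)
```

Every failed call in `demo()` returns the identical string, including the call made with the correct password while the account is locked and the call against a nonexistent user, while the audit trail still records the lockout and a single rate-limited entry for the five attempts that followed it. Making the user-facing message configurable, as the original poster asks, would be a one-line change here, but the enumeration trade-off Phil describes applies the moment the two messages differ.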

There are pros and cons, because some users don't notice that their account is locked out, and they keep complaining, “Why can't my account log in to the system?” It would be best to have a configuration that lets the customer choose which method they want.

Anyway, thanks Pturmel and PGriffith.