Users in kibana to lockout for 3 incorrect attempts

Gauti · January 27, 2020, 7:58am

Hi All,

There is a requirement for us from security perspective stating

whenever user trying to login to kibana should get locked out for 3 incorrect passwords
Users password should expire in 30 days.

I dont find any type of settings related to this in kibana user management, is this something achievable in kibana? or is there any other way around.

Note: we are using elastic cloud with version 7.3 and as per support team Active Directory integration is not possible in this version.

Any help would help us a lot.

Thanks
Gauti

Marius_Dragomir · January 28, 2020, 3:23pm

Hello,
There is no way in Kibana to enforce this. A possible workaround is to use SAML or OIDC as an identity provider and enforce it in there.

system · February 25, 2020, 3:23pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.