Users in kibana to lockout for 3 incorrect attempts

Hi All,

There is a requirement for us from security perspective stating

  1. whenever user trying to login to kibana should get locked out for 3 incorrect passwords
  2. Users password should expire in 30 days.

I dont find any type of settings related to this in kibana user management, is this something achievable in kibana? or is there any other way around.

Note: we are using elastic cloud with version 7.3 and as per support team Active Directory integration is not possible in this version.

Any help would help us a lot.


There is no way in Kibana to enforce this. A possible workaround is to use SAML or OIDC as an identity provider and enforce it in there.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.