Lock and unlock user accounts

The Security page in 8x8 Configuration Manager allows you to define lockout policy. As an 8x8 Contact Center administrator, you can set rules for maximum invalid login attempts before the system locks you out. These rules are enforced on users to protect their accounts from being hacked. An administrator can also unlock a user account to give immediate access to the locked-out user. This prevents the user from being idle during an accidental lockout.

Locking out a user account is a mechanism to ensure account security. When you set password lockout policies, you can specify:
  • the number of invalid login attempts that locks out an account.
  • the duration of the lockout.
  • an email lockout alert to the administrator.

Specifying the number of invalid logins and lockout duration locks an account for the specified duration when the number of invalid login attempts is reached. For example, you can set lockout policy to lock an account with three invalid login attempts for a period of 30 minutes.

To define agent Lockout settings:

  1. From the Configuration Menu, open Security.
  2. Go to the Password Policies tab.

  3. Configure the desired settings under Lockout.

    The following options are provided by the password lockout policies:

    Password Policies - LockoutDescriptionPolicy Options
    Maximum Invalid Login Attempts  Defines the number of invalid login attempts to lockout an administrator/agent/supervisor account.
    • 3 attempts
    • 5 attempts
    • 10 attempts (default)
    Lockout interval after max invalid login attemptsSpecifies the duration for which an account is locked out after invalid login attempts. After the specified time, the agent is allowed to login.

    Note: Selecting Forever (must be reset by admin) requires the administrator to unlock an account and/or reset the password.

    • 2.5 minutes
    • 5 minutes
    • 10 minutes
    • 15 minutes
    • 30 Minutes
    • 60 Minutes
    • Forever (must be reset by admin) (default)
    Send Lockout alert to administrator Enables sending an email alert of an account lockout to the administrator.
    • Yes
    • No (default)

Lockout behavior disables the login and password fields and prevents user's further attempts to log in. After the lockout duration, the login screen allows the user to log in again with the right credentials, or to reset the password. The reset password is communicated to the email address specified in the account.

During a lockout, a user is prevented from logging in to the account for a specified period of time. An administrator can unlock a user account to give immediate access to the locked-out user. This prevents the user from being idle during an accidental lockout.

  • Any administrator in the Super User role or a role with full privileges to Agents object is capable of unlocking an agent/supervisor account.
  • Any administrator in the Super User role or a role with full privileges to the Security tab is capable of unlocking an administrator role.

Note: To unlock the Primary administrator role, you must contact 8x8 Contact Center support staff.

To unlock a user account:

  1. From the Configuration Menu, open Agents.
  2. Locate the user account with that requires unlocking.
  3. Click to open user details.
  4. Open the General tab. Depending on whether you have enabled Email system generated passwords for new agents/admins and reset under Security > Password Policies, you must do the following:
    • If enabled: Click Reset Password. An automatic email is generated and sent to the user's email address on file. The user then has to click the link in the email to reset the password.
    • If disabled: Enter a new password for the user, and save. From the list of users, click next to the user to unlock them. Notify the user of their new password so that they can log back in.

Concept Link IconSee Also