Account Lockout Policy

Contentstack has set a robust account security mechanism in place—Account Lockout—to prevent accounts from being hacked. This feature safeguards your account by preventing any unauthorized user from guessing your registered email address or password.

What is Account Lockout?

If a user makes unsuccessful login attempts (by providing invalid credentials) consecutively for a number of times (more details below), the account gets locked temporarily, i.e., for a few minutes. If further subsequent unsuccessful attempts are made, the account will get locked indefinitely.

When an account is locked out, the user cannot make any login attempts until the lockout period ends. However, if you are an authorized user, and your account gets locked because you genuinely forgot your account password, you can reset the account password and try logging in, even during the lockout period. 

How does Account Lockout work?

Given below are the details of the account lockout threshold (i.e., number of consecutive unsuccessful attempts) and the corresponding lockout period that would be applicable for your Contentstack account.

Account lockout threshold	Account lockout period after failed attempts
1 to 4 failed login attempts	0 mins
5th failed login attempt	5 mins
6th failed login attempt	10 mins
7th failed login attempt	15 mins
8th failed login attempt	20 mins
9th failed login attempt	25 mins
10 failed login attempt	Indefinite. Contact support for assistance.

Please contact the customer support team for any assistance.