The account lockout functionality adds an additional layer of security to both PensionPro and PlanSponsorLink. This feature prevents unauthorized users from making unlimited sign-in attempts by locking the user's account after repeated failures.
Article Contents
- Account Lockout Overview
- Enable Account Lockout for PlanSponsorLink
- PlanSponsorLink Login Lockout Preferences
Account Lockout Overview
PensionPro allows a user five sign-in attempts. After five failed attempts in a row, PensionPro will temporarily lock the account, preventing further sign-in attempts for a five-minute period.
When a lock occurs, PensionPro will send an email notification to the user informing them of the lockout. This email includes the IP address where the sign-in attempts originated.
Further attempts can be made once the lockout has ended. Alternatively, password reset can be performed during the lockout period.
Account lockout is also available for PlanSponsorLink users, although this functionality is optional and can be enabled or disabled according to the firm's preference.
Enable Account Lockout for PlanSponsorLink
Although always on in PensionPro, account lockout needs to be enabled for use on PlanSponsorLink. To do so:
- Navigate to Maintenance > Preferences > PlanSponsorLink Subdomains. The corresponding grid opens in a new tab.
- Double-click the desired subdomain in the list to open it at the Preferences view.
- Set the Enable Login Lockout preference to Yes.
PlanSponsorLink Login Lockout Preferences
When a Plan Sponsor's account is temporarily locked, they will receive a notification email informing them of the lock. This email can be customized by the firm:
- Navigate to Maintenance > Preferences > PlanSponsorLink Subdomains. The corresponding grid opens in a new tab.
- Double-click the desired subdomain in the list to open it at the Preferences view.
- Set the Login Locked Email Body and Login Locked Email Subject preferences as desired.