Anti Brute-Force mechanism


how does the anti Brute-Force mechanism work? How many wrong password entries are possible, and how long is the user(?) or the ip(?) blocked afterwards?
Is it possible to configurate this mechanism?

Sorry, but I’m a little bit hesitated if i cant’t secure it with fail2ban :wink:


Hi there,
This one I have to pass directly to @Steve.