Affects Version/s: 7.0.X, 7.1.X, 7.2.X, Master
Component/s: Application Security
Steps to Reproduce:
- Go to Control Panel --> Users and create a new user, setup the password and then in Preferences -> Display Settings setup the desired time zone (UTC+01:00) Central European Time
- Save the following configuration: go to Control Panel --> Users --> Password Policies --> Default Password Policy and click the 3 dots on the right and click on "Edit" then scroll down to Lockout --> Enable Lockout (Yes)
Maximum Failure: 3
Reset Failure Count: 10 min
Lockout Duration: 5 min
- Try to login using the wrong password. After 3 times you will be locked out.
- Instead of trying to log a fourth time click on "Forgot Password"
- Fill the email address and the text verification and press next.
The locked error message should appear with a date that takes into account the user timezone.
The displayed date takes into account the JVM timezone.