Affects Version/s: 6.2.10 EE GA1, 7.0.0 M5
1. Enable the default password policy setting
- Local enabled
- Maximum Failure - 3
- Reset Failure Count - 5 minutes
- Lockout Duration - 5 minutes
2. Create an user1 with the password user1. After activate the account doing a first login, make logout and try to login several times using an erroneous password, eg. otherpassword
3. Once you get the message This account is locked until 3/2/15 2:30 PM. Please wait until the unlock date or contact an administrator to have this account unlocked. , wait for 10 minutes (in my case until 2:35 PM) and try to recover the password clicking in the link Forgot Password
4. Type the email address and the text verification, and click in the next button.
Result This account is locked until 3/2/15 2:30 PM. Please wait until the unlock date or contact an administrator to have this account unlocked.
Expected You get the reminder query and you are allowed to continue with the password recovery process.