Using Atlassian ID login on Cloud will allow a user to attempt a login 10 times. On the 11th time, it will ask the user to complete a Google Captcha.
There is no "lockout" per se, and the user will continue to be asked for the Captcha until there is a successful login.
If attempting via API it will lock them out once the 11th try is reached, and then they will need to attempt to login normally from a browser to reset it.
Lastly, I have created a feature request below to be able to set maximum attempts for any users who have managed domains:
Please feel free to vote on this if you would be interested in such a feature.
I hope this helps.
The password policy for Atlassian ID is only that it needs to be between 8 and 100 characters long. This and the maximum login attempts are not documented on our site, but I was able to verify them by testing.
We will be rolling out our new Identity Manager for Cloud within the next few weeks, and once it's implemented on your instance, you'll be able to create an organization and control your own password policies for any managed domains that you have claimed.
For more information on the usage of the current setup, Atlassian Account, review the following:
If you want full control, however, I would definitely look into setting up SAML for your instance from the article I sent you earlier. Do let me know if you have any questions about that!
I’m a designer on the Jira team. For a long time, I’ve fielded questions from other designers about how they should be using Jira Software with their design team. I’ve also heard feedback from other ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs