faillock

TLDR

List login failures of current user

$ faillock

Reset failure records of current user

$ faillock --reset

List login failures of all users

$ sudo faillock

List failures of specific user

$ sudo faillock --user [user]

Reset failures of specific user

$ sudo faillock --user [user] --reset

faillock displays and modifies authentication failure record files. Part of the PAM pam_faillock module, it tracks failed login attempts and can lock out accounts after too many failures.
Used for security monitoring and account lockout management.

PARAMETERS

--user user

Operate on specific user

--reset

Reset failure records

--dir dir

Use alternate tally directory

CAVEATS

Part of the Linux-PAM package. Records stored in /var/run/faillock/ by default. Requires root to view other users' records.

faillock

TLDR

SYNOPSIS

DESCRIPTION

PARAMETERS

CAVEATS

SEE ALSO