pam_tally2

tracks login attempts

Enable login attempt tracking

$ auth required pam_tally2.so deny=5 unlock_time=900

View user's tally

$ pam_tally2 --user=[username]

Reset user's tally

$ pam_tally2 --user=[username] --reset

Reset all tallies

$ pam_tally2 --reset

pam_tally2 [options]

pam_tally2 tracks login attempts. Locks accounts after failed attempts.
The module prevents brute force attacks. Successor to pam_tally.

deny=N

Lock after N failures.

unlock_time=SECONDS

Auto unlock time.

--user NAME

Specify user.

--reset

Reset counter.

even_deny_root

Apply to root too.

root_unlock_time=SECONDS

Root unlock time.

Being replaced by pam_faillock. Per-user tallies. Account lockout.

pamtally2 replaced pamtally for improved login tracking and lockout.