pam_tally2

TLDR

Enable login attempt tracking

$ auth required pam_tally2.so deny=5 unlock_time=900

View user's tally

$ pam_tally2 --user=[username]

Reset user's tally

$ pam_tally2 --user=[username] --reset

Reset all tallies

$ pam_tally2 --reset

SYNOPSIS

pam_tally2 [options]

DESCRIPTION

pam_tally2 tracks login attempts. Locks accounts after failed attempts.
The module prevents brute force attacks. Successor to pam_tally.
pam_tally2 counts login failures.

PARAMETERS

deny=N

Lock after N failures.

unlock_time=SECONDS

Auto unlock time.

--user NAME

Specify user.

--reset

Reset counter.

even_deny_root

Apply to root too.

root_unlock_time=SECONDS

Root unlock time.

CAVEATS

Being replaced by pam_faillock. Per-user tallies. Account lockout.

HISTORY

pamtally2 replaced pamtally for improved login tracking and lockout.