A vCenter Single Sign-On lockout policy specifies when a user's vCenter Single Sign-On account is locked if the user attempts to log in with incorrect credentials. Administrators can edit the lockout policy.

If a user logs in to vmc.local multiple times with the wrong password, the user is locked out. The lockout policy allows administrators to specify the maximum number of failed login attempts, and set the time interval between failures. The policy also specifies how much time must elapse before the account is automatically unlocked.


  1. In the vSphere Client select Menu > Administration.
  2. Under Single Sign On, click Configuration, and click Policies.
  3. Select Lockout Policy, click Edit, and make changes as needed.




    Optional description of the lockout policy.

    Max number of failed login attempts

    Maximum number of failed login attempts that are allowed before the account is locked.

    Time interval between failures

    Time period in which failed login attempts must occur to trigger a lockout.

    Unlock time

    Amount of time that the account remains locked. If you enter 0, the administrator must unlock the account explicitly.

  4. Click OK.