I reviewed the documentation but couldn't find any information on resetting the login limit counter, aside from the fact that this feature was implemented in version 4.2. There’s no guidance on how to actually perform the reset. One of my users accidentally locked himself out, even though we utilize LDAP authentication. I searched for "Nick" to avoid scrolling through the entire user list and noticed the warning message indicating that his account was locked due to too many failed login attempts. However, the gear icon that allows for resetting the login counter was not visible. It was only after scrolling through the full user list without any filters that the gear icon appeared, along with the option to reset the login limit counter.
That new bruteforce protection is not adjustable setting. It works automatically for all accounts. When users fail to login 10 times in a row, then the Login Limit Exceeded error is displayed on the login page and a notification email is sent them. In the email is a reset link to unlock the account. As sysadmin you should be able to filter the user name or email address in the Admin > Users list. For the locked account the red "Login Limit Exceeded" sign is showed. In the LF 4.2.8 version in common chrome based browsers the Gear icon with the Reset Login Limit request should be normally rendered as on the attached screenshot.
