What is max log-in failures before log-in blocked

I’m trying to find information for an enterprise security review process. I’ve been searching in the documentation and can’t find this anywhere. Appreciate any help.

What is the maximum number of log-in attempts, X, in what time period, Y, before log-in is prevented for that user for Z period of time.

This is referring to user authentication via a browser and the github enterprise service in github managed cloud.

1 Like

@JustinGOSSES, I have previously asked for such information on GHEC and seen others ask also.
The answer has always been something like GitHub do not provide exact details of the security measures/limits related to such things for reasons of confidentiality/security.

1 Like

Hi @JustinGOSSES

This gets asked quite frequently - here’s the most recent:

If you have any further queries, let us know.

1 Like

Thank you.

A suggestion… It would be great if this was in the main GitHub documentation. Even if the policy can’t be spelled out, saying that there is a policy but it isn’t public and is “variable” based on a variety of factors would be helpful.

1 Like