Hey all, I've been having the hardest time find answers to some Azure AD Smart Lockout questions and I'm hoping someone has some experience with it. I'm looking to move away from ADFS to PTA but there are lingering questions about Smart Lockout and how it functions.
- Basic Azure AD from O365 with on prem DirSync (Smart Lockout can't be modified with this - 10 failed login attempts - 60 second lockout.)
- On premise password policy is set higher than the thresholds above.
What is the calculation after the next failed login attempt? (Microsoft does not supply the increase, just that it does increase the duration after each failed attempt after lockout)
At what point does the increase in lockout duration meet a maximum value and what is that value?
How do you unlock an account that's locked out via Smart Lockout? Will a valid on-premise login to O365 unlock the account and reset the lockout counters for Smart Lockout?
Are bad login attempts logged anywhere in a DC or server running the PTA agent? (Basic Azure AD does not have auditing available for Smart Lockout that I know of.)
Is it possible, if logged somewhere visible, to block an IP from even being able to try to attempt a login?