You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
Home > HappyFox Help Desk > Account Configuration > Security and Authentication > Security > Account Lockout on multiple invalid login attempts
Account Lockout on multiple invalid login attempts
print icon

As part of our initiative to make HappyFox more secure, we have introduced new features that aim at preventing unauthorized access to the application.

The following features are now available for all HappyFox users (contact & agent)

  1. Account lockout due to multiple invalid login attempts

  2. Captcha verification during login

Account Lockout

HappyFox enforces a temporary 60 minute lockout period if an agent or contact enters invalid credentials consecutively for 5 times. The login screen displays the attempts remaining for a user before a lockout is triggered.

 Unsuccessful agent login


 Unsuccessful contact login


In the event of a lockout, the agent/contact is automatically notified via email. The email contains the following information for last successful login and for the past 5 unsuccessful login attempts

  • Timestamp

  • IP information

  • Location

  • Browser details

  • Operating System details 

Once an account is locked out, the agent/contact can do either of the following

  • Wait for 60 minutes so that the account lock is automatically released

  • Send an automated email request to the administrator/s requesting manual unlock

When an agent/contact is locked out of HappyFox, their active HappyFox sessions remain unaffected. New sessions i.e., new login attempts will be restricted (including SSO logins).

Manual account unlock request for contact


Unlocking Agent Account

This action is available to all agents who have “Unlock Agent” managerial permission.

Agents who have been locked out of HappyFox can be identified using the lock icon against their names in Manage >> Agents page. On clicking unlock, a confirmation popup is shown. Successful unlock of a Agent sends an email notification to the agent that their account has been unlocked by the administrator.

Unlocking Contact Account

This action is available to all agents who have “Unlock Contact” managerial permission. 

Contacts locked out of HappyFox can be identified using the “lock” icon against their names in the Contacts list page. On opening the details page of the contact, the “unlock” action will be visible.


Lock Icon inside Contact list page:



Unlock Contact option inside Contact detail page:



Captcha Verification 

In addition to a lockout mechanism, unsuccessful login attempts in both contact and Agent login screens will now ask the user to verify themselves via a Captcha flow. The captcha flow is powered by Google’s reCAPTCHA service that uses an advanced risk analysis engine. This effectively helps prevent automated malicious login attempts.

Successful captcha verification in Agent login page


reCAPTCHA asking for user verification during contact login


To know how to unlock agents in HappyFox Classic version, please refer to the document attached.


15 out of 18 found this helpful


HappyFox Classic Version _Account Lockout on Multiple invalid Login Attempts.pdf
scroll to top icon