Which feature locks a user account after a certain number of failed login attempts?

The feature that locks a user account after a certain number of failed login attempts is known as Account Lockout. This security mechanism is designed to mitigate the risks associated with brute-force attacks where an unauthorized user tries to gain access to an account by systematically guessing passwords. By implementing account lockout policies, organizations can protect sensitive information from being accessed by malicious users who might repeatedly attempt to log in using incorrect credentials.

When account lockout is activated, the firewall monitors the number of failed login attempts associated with an account and, upon reaching a predefined threshold, will automatically lock that account for a specified duration or until an administrator manually unlocks it. This helps ensure that even if a password is weak or stolen, repeated unauthorized access attempts are thwarted.

In contrast, Two-Factor Authentication adds an additional layer of security by requiring a second form of verification beyond just the password, but it does not inherently include account lockout features. Password Expiration refers to the requirement for users to change their passwords at regular intervals, which also doesn't involve locking an account due to failed attempts. User Access Control pertains to permissions granted to users, which is distinct from account lockout mechanisms designed to protect against unauthorized access following multiple failed login attempts.