There is this useless feature where the lock screen tells you that the account is locked for 10 minutes because of three failed attempts to log in, but then I can just bypass it by forcing my computer off then powering it back on. Then what’s the point of having it? I just got a new mechanical keyboard and I don’t know if it has an issue or something, but it happened twice today without me doing anything while the pc is asleep, and it is annoying AF having to force shut down my pc by holding down the power button. This might also cause data loss for me. Is there a way to disable this thing?

Thanks

  • Max-P
    link
    fedilink
    611 months ago

    That’s managed by PAM: https://man.archlinux.org/man/faillock.8.en

    I think it’s mostly intended for remote access like when SSH’ing in, it locks up after too many bad attempts.

    When you have physical access a lot of security stops being relevant. Although for users with full disk encryption, that’d also force the attacker to wipe the keys in RAM so it’s still got some value.

    • @penquinOP
      link
      2
      edit-2
      11 months ago

      Ok, I figured it out. Looks like this new mechanical keyboard I got does something when I wake the PC up that causes those 3 attempts to be triggered. So I just set deny = 0 in /etc/security/faillock.conf. And to be more sure, I set the unlock time to 0. Lol That was very stressful. Thank you for bringing up faillock.

    • @penquinOP
      link
      111 months ago

      How do I disable it? That link doesn’t show where to disable it. It just did it again and it’s driving my fucking insane. I literally didn’t do anything. I just locked my PC from the menu and went back to it to wake it up. I need this off my PC :/