# TEST: SECURITY-UM-23 ## References * [User Management](https://help.santesuite.org/installation/installation-1/deployment/installing-software/santedb-server/installation-qualification/security-administration-testing/test-cases-for-ui-1/user-management-tests/broken-reference) * [TEST: SECURITY-UM-01](https://help.santesuite.org/installation/installation-1/deployment/installing-software/santedb-server/installation-qualification/security-administration-testing/test-cases-for-ui-1/user-management-tests/test-security-um-01) * [TEST: SECURITY-UM-21](https://help.santesuite.org/installation/installation-1/deployment/installing-software/santedb-server/installation-qualification/security-administration-testing/test-cases-for-ui-1/user-management-tests/test-security-um-21) ## Discussion The number of invalid login attempts per user is stored as a user's security property. This number can be edited only by resetting it to zero. ## Pre-Conditions / Setup 1. User must be logged into an account with policies granted for creating users. 2. Follow the instructions from [TEST: SECURITY-UM-01](https://help.santesuite.org/installation/installation-1/deployment/installing-software/santedb-server/installation-qualification/security-administration-testing/test-cases-for-ui-1/user-management-tests/test-security-um-01) to create a new user -- applying any valid values for required fields. 3. User being tested must attempt to login with an incorrect password at least once. 4. Follow the instructions from [TEST: SECURITY-UM-21](https://help.santesuite.org/installation/installation-1/deployment/installing-software/santedb-server/installation-qualification/security-administration-testing/test-cases-for-ui-1/user-management-tests/test-security-um-21) to navigate to **Administration Panel / Security / Users / Edit User** for the newly created user. ## Actions/Steps 1\. Click the pencil in the top right-hand corner of **Security Properties** to edit them. ![](https://3421852694-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZ0_pjgTp_kx4hqTZ3a%2F-Me1a583lvIxvgVD9s8x%2F-Me1aZlQncui-kMX9o3D%2Fimage.png?alt=media\&token=f856132e-b681-4117-9ac7-d2bd8fc42f21) 2\. Click the **Reset** button beside the **Invalid Logins** property. ![](https://3421852694-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZ0_pjgTp_kx4hqTZ3a%2F-Me1a583lvIxvgVD9s8x%2F-Me1b0sVIRryfBn62FJ8%2Fimage.png?alt=media\&token=45bcb0c2-640d-4b0a-907e-257dfb3f224c) 3\. Click the **OK** button when the confirmation prompt appears in the browser. ![](https://3421852694-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZ0_pjgTp_kx4hqTZ3a%2F-Me1a583lvIxvgVD9s8x%2F-Me1bduIPnG6w662yfKp%2Fimage.png?alt=media\&token=7d3f81de-4e89-4554-930c-c8d97b5178ca) 5\. Click the green checkmark to save the edited **Invalid Logins**. ![](https://3421852694-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZ0_pjgTp_kx4hqTZ3a%2F-Me1HQIY6P6INDRiiVvJ%2F-Me1WhhOu0AA-hqKmeMs%2Fimage.png?alt=media\&token=b1e421b8-1ec0-4e1b-8cd9-a40bfe25ca5c) ## Expected Behaviour * After the **OK** button in step 3 is clicked, the changes do not get saved until after step 5 and will be undone if step 5 is not taken. * The number of **Invalid Logins** is reset after step 3 and displays "0". * After step 5, the number of invalid logins is saved.