> For the complete documentation index, see [llms.txt](https://help.santesuite.org/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://help.santesuite.org/operations/standard-operating-procedures/user-management-sops/sop-user-lockout.md). # SOP: User Lockout ## Summary This standard operating procedure is intended to illustrate the process for unlocking a user account, and resetting the user's password. ### Use Procedure When * [ ] There has been a support ticket for a locked out user account raised * [ ] There has been a notice (from the administration console) of repeated, invalid attempts to access the system ## Procedure ### Before Beginning * [ ] Validate that the request to unlock the account has been made by the user owning the account * [ ] Validate the user's telephone number or e-mail address on file (contact the user if necessary) * [ ] Validate the user's demographic information with the information on the CDR user administration screen. * [ ] Document (in the helpdesk or other shared note area) that the user account has been locked, the length of lock and the number of invalid logins * [ ] Note the user which has locked the account (`SYSTEM` indicates invalid access attempt lock or other system security lock, whereas a user name indicates another administrative user has locked the account) * [ ] Your account has the **Alter Identity** permission ### Procedures / Tasks 1. Access the SanteDB administrative portal by [Logging In](/operations/cdr-administration/santedb-administration-panel/logging-in.md) 2. Visit the [Security Administration](/operations/cdr-administration/santedb-administration-panel/security-administration.md) center 3. Click on the [Managing User Accounts](/operations/cdr-administration/santedb-administration-panel/security-administration/managing-user-accounts.md#user-list) and search for the user using the system login name 4. Press the `Edit` button to access the [Managing User Accounts](/operations/cdr-administration/santedb-administration-panel/security-administration/managing-user-accounts.md#editing-security-settings) screen 5. Press the `Reset` button next to the `Invalid Login Attempts` field and confirm 6. (Optional) Press the `Reset PWD` button and assign a new, random password 7. Press the `Unlock` button next to the lockout information and confirm ### After Completion * [ ] Note the time and procedure in the security log (if available) * [ ] Notify the user and/or user supervisor of the unlock event and (if changed) the new password. ## Summary Information **Current Status:** Example\ **Reviewed By:** SanteSuite Team ### **Revision History** | Author | Date | Changes | | ------------------------ | ---------- | --------------- | | Justin Fyfe (SanteSuite) | 2022-01-11 | Initial Version | | | | | | | | | ### See Also {% content-ref url="/pages/XurRTyNzXtVN0F9sjpgX" %} [Security Administration](/operations/cdr-administration/santedb-administration-panel/security-administration.md) {% endcontent-ref %} {% content-ref url="/pages/ymv81dMyIH5EPdnqO0gO" %} [Managing User Accounts](/operations/cdr-administration/santedb-administration-panel/security-administration/managing-user-accounts.md) {% endcontent-ref %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.santesuite.org/operations/standard-operating-procedures/user-management-sops/sop-user-lockout.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.