You can apply this useful module to maintain a count of attempted access to the system. It also allows the administrator to deny access if too many attempts fail. pam_tally works with the application pam_tally, which you can use to set the maximum amount of failed logins that are allowed. All attempts are logged by default in the /var/log/faillog file. If this module is called from a configuration file, the options deny=n and lock_time are the minimal options to use. The former determines the maximum number of login attempts a user can make, and the latter determines how long an account must be locked after the number of login attempts that is specified with deny=n has been reached. The value given to lock_time is expressed in seconds by default.
Was this article helpful?