As a person responsible for the security of the Folio platform
I want to prevent brute force attacks of the Folio platform
- At  failed consecutive login attempts using a Folio username/password then lock user's Folio account
- OR if  failed consecutive login attempts using Folio username/password occur in a [10 minute span] then lock user's Folio account
- Settings Configuration: the settings in [brackets] should be configurable as Folio may need to change these settings in the future.
- Settings Configuration: should be flexible to support additional rules for locking a user's Folio account
- A way to lock the user's Folio account is by setting the user status = inactive
- Via Folio, system librarian changes the user status = active