I am looking for information on how Filemaker Server responds in an invalid authentication situation. (A user enters a wrong password - how many wrong passwords are allowed before action is taken, and what action(s) are then taken?)
In particular, it seems that after enough failures, Filemaker does some form of back off (disallows attempted re-authentication for a period of time) before it allows an authentication attempt again. Is there information on how long it waits, how many invalid entries? Is it just one repeating set (5 attempts, 5 minutes) or does it progress? Is this configurable?
In particular, I need to locate some kind of official information as we're submitting security assessments for clients and I cannot find any official source of information on this.