Security Overview > Login Security > Login and Security Control
  
Login and Security Control
Use Security Control (36.3.24) to define additional security measures related to system login. The measures discussed in this section assume that single sign-on is not enabled.
If a user enters an invalid combination of user ID and password, the system may prompt additional times—based on the value of Maximum Access Failures in Security Control. After the specified number of failures, the user is returned to the operating system, the user account is disabled, and system administrators are notified by e-mail. The sending address of the e-mail includes the operating system ID of the user who attempted to access your QAD application. Login Validation from Login Screen illustrates how this process occurs during login. Use the User Account Status Report (36.3.23.2) to view the status of system users.
To completely or partially bypass system login security, you can configure the system to allow users to access the system based on operating system user ID. See OS-Based Login Security.
Depending on the setting specified in Security Control—and if single sign-on is not enabled—the system maintains historical records of successful and failed login attempts. Use Logon Attempt Report (36.3.23.1) to view login history.
Note: In order for the time zone to be properly recorded during login and password change, the server time zone must be specified in Database Control (36.24.1).

Login Validation from Login Screen
Using login security, you can:
Effectively separate QAD application security from the operating system security (unless you choose to control access from the operating system level). The user ID in your QAD application does not have to be the same as the user ID referenced by UNIX or Windows. See OS-Based Login Security.
Provide an extra level of security from unauthorized users. An individual can gain access to an operating system user ID by breaking into the system or stealing a password. Requiring a different user ID and password combination to access QAD applications presents an additional barrier to an unauthorized user. If single sign-on is enabled, this extra level of security is removed. Consequently, since single sign-on represents a single point of failure, you should consider carefully whether enabling this feature is appropriate in your environment.
Track unsuccessful login attempts to identify possible unauthorized efforts to access the system.