Account lockout and login errors
We have two different kinds of account lockouts, as well as other errors which may appear to be lockouts. This article will help OTC students and staff know what to do when they suspect their account is locked out.
Network Lockout/Internal Lockout
Error:
"The referenced account is currently locked out and may not be logged into."
When you will see this error:
Logging into an OTC computer on campus when your account is locked out. You will not receive this error if your account is locked out but you are trying to log into a web-based portal like MyOTC, Canvas, etc...
What causes this error:
Many things can cause the behavior that triggers this error, but basically, our login server received too many attempts to log into this account with the wrong password, which looks like a hacker attempting to brute-force guess your password. This can be caused legitimately by too many incorrect login attempts due to misremembering the password, or even oddities such as a malfunctioning keyboard key doubling up or missing keystrokes. This is also commonly caused by mobile devices where users have set up their email, and the password has been changed, has become corrupted, or was mis-entered on the device. So the device is continually trying to use email exchange push services to get email using the wrong password, resulting in locking the account.
Resolution:
Contact the OTC Help Desk and repeat the exact error text for the technician. Your call may be escalated to a Support Analyst to have the account unlocked after your identity is verified. If the issue persists, you may want to remove and re-add your email account on any mobile devices. However, if this is not the problem and you have repeat occurrences of your account being locked, it will need to be investigated by the Help Desk.
Extranet/ADFS Lockout
Error:
"Incorrect user ID or password. Type the correct user ID and password, and try again."
When you will see this error:
This error is confusing because it is the same error you receive if you type the wrong username or password. That message is intentional to obscure what is going wrong for any potential malicious bad actors. However, you can tell that your account is affected by an Extranet lockout if you go to another network (such as on a dedicated hotspot, or your cell phone's data network) and are able to login. You may also see this error (wrong username or password) trying to login to otc-wifi when you know your username or password is correct.
Note: We do not recommend using open wifi networks to log into your OTC account as open networks are not secured and hackers can monitor the traffic going over these networks to steal data.
What causes this error:
This error happens when there are repeated login attempts from a specific IP address on any non-OTC computer. In theory, this will prevent logins from specific suspicious locations while still allowing users to log in from their regular locations, but in some cases this can be triggered by legitimate networks users are connected to as well (such otc-wifi).
Resolution:
The OTC Extranet lockout period is variable, but lasts at least 30 minutes. Once the lockout expires, users will get 1 more opportunity to log in with the correct password. If the password fails, the lockout reoccurs for another period, and will allow 1 more attempt to log in again. This cycle can continue indefinitely or until the password is accepted. Because lockouts are IP-based, that means something coming from the network you are on is triggering the lockout. There is little we can do to legitimately identify what is causing this behavior because it is behind the router of the network you are on, which means it is not inside our network. We cannot disable this policy for individuals. Here are some things you can do to try to resolve the problem:
Remove and re-add any OTC accounts from any mobile devices (phones, tablets, etc...) that connect to that location's wifi/network.
Remove and re-add any OTC accounts from any email clients on any computers that connect to that location's wifi/network.
Clear cookies and remove any saved passwords from your device's web browsers for otc.edu
Restart any network-accessing devices, up to and including your ISP's router.
RADIUS Lockout
Error:
You are unable to connect to OTC-WiFi with your OTC credentials, despite being able to log into myOTC, etc. on campus computers.
What causes this error:
This error happens when the person in question attempts to sign into the OTC-WiFi with a bad password too many times. This can be tripped manually, but the usual case is that there is an old password saved on your device to connect to OTC-WiFi.
Resolution:
Forget the OTC-WiFi network from your device and attempt to reconnect in half an hour.
We Can't Sign You in with This Credential
Error:
"We can't sign you in with this credential because your domain isn't available. Make sure your device is connected your organization's network and try again. If you previously signed in on this device with another credential, you can sign in with that credential."
When you will see this error:
Logging into an OTC computer on campus. You will not receive this error if you are trying to log into a web-based portal like MyOTC, Canvas, etc...
What causes this error:
This error doesn't actually mean what it sounds like. It is not a lockout error at all, and it is not directly related to an issue with your account. Rather this is likely an issue with a setting on the computer in the context of the OTC domain and how its policies are configured to work.
Resolution:
Usually all that is needed is for someone else with an OTC login to log into the computer first, then restart the computer. If this does not resolve the issue, you will need to contact the Help Desk so they can remote into the computer and update its policies as the computer may have another issue preventing it from doing so automatically.
The Sign-in Method You're Trying to Use Isn't Allowed
Error:
"The sign-in method you're trying to use isn't allowed. For more info, contact your network administrator."
When you will see this error:
Logging into an OTC computer on campus. You will not receive this error if you are trying to log into a web-based portal like MyOTC, Canvas, etc...
What causes this error:
This error means your account doesn't have permission to sign into campus computers. This is most commonly seen in Alumni accounts, who are able to login to MyOTC but do not have permissions to log into campus computers. This is a security measure enacted to prevent unattended Alumni accounts from being hacked and then used to access OTC resources.
Resolution:
You will not be able to access campus computers with this account. Instead, drop by any IT location with a government issued ID and we can grant you a guest account for access to campus resources.