BusinessObjects Enterprise Administrator's Guide

Logon restrictions

Logon restrictions serve primarily to prevent dictionary attacks (a method whereby a malicious user obtains a valid user name and attempts to learn the corresponding password by trying every word in a dictionary). With the speed of modern hardware, malicious programs can guess millions of passwords per minute. To prevent dictionary attacks, BusinessObjects Enterprise has an internal mechanism that enforces a time delay (0.5-1.0 second) between logon attempts. In addition, BusinessObjects Enterprise provides several customizable options that you can use to reduce the risk of a dictionary attack:

Disable accounts after N failed attempts to log on
Reset failed logon count after N minute(s)
Re-enable account after N minute(s)

Business Objects
http://www.businessobjects.com/
Support services
http://www.businessobjects.com/services/support/
Product Documentation on the Web
http://support.businessobjects.com/documentation/