View Source

When accessing CAS, you are permitted a limited number of login attempts before your user name will be blocked.

The login credentials include:

Your Sign-in Name
Your Sign-in Password
Your 2FA code (if implemented)

If you use LastPass or another online password storage utility, it may attempt to log you in automatically with an old 2FA. This will fail, and you'll exceed the threshold resulting in your IP being banned - without any effort on your part!

Failing to correctly enter all 3 credentials 5 times will result in a ban:

General Bytes Knowledge Base > Message: Username Blocked > image-20200707-173815.png

note

Password requirements:

12+ characters,
includes at least one digit,
includes at least one special character (any keyboard character acceptable),
includes at least one lowercase + one uppercase characters.

Password requirements:

12+ characters,
includes at least one digit,
includes at least one special character (any keyboard character acceptable),
includes at least one lowercase + one uppercase characters.

Solution 1: GUI

Have a CAS administrator reset your password.

Solution 2: CLI

Login to the CAS CLI, and type:

sudo /batm/batm-manage unban-user USERNAME

Replace USERNAME with the actual username blocked.

CAS should report success, and you may login to the GUI again.

Make sure to immediately re-enable 2FA and implement a strong password!

Reference: batm-manage: the CAS CLI Toolkit

Troubleshooting:

If 2FA repeatedly fails, the global clock used by Google Authenticator may be unsynchronized.

Try synchronizing Google Authenticator's clock.

General Bytes Knowledge Base > Message: Username Blocked > 2FA Time Correction.png