I don't remember the exact number, but it starts off as a few seconds and gets longer for each try after the limit of 5. It can get up to minutes or hours if you keep trying incorrect logins, and then will reset to nothing after login succeeds. Do you need the exact number for something?
If the disable checkbox is not checked, it will start delaying the response about whether or not the login succeeded after there have been too many attempts.
Is your concern that the audit log will have extra events that aren't really failures? If the login eventually succeeds, the authentication methods which didn't work should not cause loginfailure audit events. Otherwise, there would be loginfailure events confusing the audit log on any system with more than one type of authentication enabled.
If the login fails, all types of authentication which were tried will be logged.
Log in or create a new account to continue
Please log in