SECURITY UPDATE

* Handle failed login attempts via Telnet
* New lockout features for >= N failed attempts
* New auto-unlock over email feature
* New auto-unlock after N minutes feature
* Code cleanup in users
* Add user_property.js - start using consts for user properties. Clean up over time.
* Update email docs

misc/config_template.in.hjson

@@ -352,6 +352,23 @@
         //  Usernames reserved for applying to your system
         newUserNames: []
 
+        //  Handling of failed logins
+        failedLogin : {
+            //  disconnect after N failed attempts. 0=disabled.
+            disconnect          : XXXXX
+
+            //  Lock the user out after N failed attempts. 0=disabled.
+            lockAccount         : XXXXX
+
+            //
+            //  If locked out, how long until the user can login again?
+            //  Set to 0 to disable auto-unlock
+            //
+            autoUnlockMinutes   : XXXXX
+        },
+
+        //  Allow email driven password resets to unlock accounts?
+        unlockAtEmailPwReset    : XXXXX
     }
 
     //  Archive files and related

misc/menu_template.in.hjson

@@ -145,6 +145,9 @@
 			next: fullLoginSequenceLoginArt
 			config: {
 				tooNodeMenu: loginAttemptTooNode
+				inactive: loginAttemptAccountInactive
+				disabled: loginAttemptAccountDisabled
+				locked: loginAttemptAccountLocked
 			}
 			form: {
 				0: {
@@ -188,6 +191,33 @@
 			next: logoff
 		}
 
+		loginAttemptAccountLocked: {
+			art: ACCOUNTLOCKED
+			config: {
+				cls: true
+				nextTimeout: 2000
+			}
+			next: logoff
+		}
+
+		loginAttemptAccountDisabled: {
+			art: ACCOUNTDISABLED
+			config: {
+				cls: true
+				nextTimeout: 2000
+			}
+			next: logoff
+		}
+
+		loginAttemptAccountInactive: {
+			art: ACCOUNTINACTIVE
+			config: {
+				cls: true
+				nextTimeout: 2000
+			}
+			next: logoff
+		}
+
 		forgotPassword: {
 			desc: Forgot password
 			prompt: forgotPasswordPrompt