SAP Knowledge Base Article - Public

2082045 - External Candidate Login Attempts - Recruiting Management


  • How to manage the maximum successive failed login attempts for External Candidates?
  • How can we unlock an external candidate?


SAP SuccessFactors Recruiting Management


  • How to enable this functionality?

If the functionality "Manage External Password Policy" is not available in admin center, please contact SAP Success Factors support to enable it in the backend, in Provisioning.

  • How to set up the "Maximum Successive Failed Login Attempts"?
  1. Go to Admin center
  2. Go to Manage External Password Policy
  3. Set a Maximum Successive Failed Login Attempts


    • Due to security concerns, the system now enforces a limit on the maximum successive failed login attemps. Previously, setting this field to 0 meant that this was not enforced.
    • Now if the setting is 0, it is interpreted as 10; meaning, if a user tries unsuccessfully to login more than 10 times in one minute, their account will be locked. They are given the following message on the login screen: "You have been locked out of your account because of too many failed login attempts. To have your account re-activated use the 'Forgot your password?' link below.".
    • This message is not configurable, and it sufficiently conveys the next steps to unlocking and resetting the password to legitimate users. 
    • Maximum Failed Login Attempts can be set up is 30 times.
    • To have this option active for External Candidates, you need to set up the number of Failed Login Attempts.

E.g.: "3". That means that an External Candidate can set the password three times wrongly. If the Candidate has entered the password "three times", their account will lock and they won't be able to login to their Candidate Profile.


How to define the contact Email address for the External Candidate to reset his Candidate Account?

Go to Admin Center > Manage External Password Policy > Password Reset Email.

How to unlock the Candidate Profile of a locked candidate?

Go to Admin tools > Manage External Password Policy > Reactivate External Candidate Account.

If you have the 'Use email as external applicant userId' switch enabled in Provisioning, this field will take into consideration the primaryEmail field.

See Also

2088622 - Passwords: The Security of our Passwords - Platform

2088609 - Passwords: Is there a secure way to give a new user their password? - Platform

2088594 - Passwords: Configuring Your Password Policy - Platform

2081617 - Employee to Candidate Deconversion - Recruiting Management

2080916 - Application Mass Actions - Recruiting


external candidate, login attempt, candidate account, external career site, primaryEmail, contactEmail, candidate locked, candidate login. , KBA , sf passwords , sf candidate , sf recruiting admin tools , sf external candidates , sf recruiting management , sf recruiting troubleshooting , LOD-SF-RCM , Recruiting Management , How To


SAP SuccessFactors Recruiting all versions