Locked users (FREE SELF)

Self-managed users

Users are locked after ten failed sign-in attempts. These users remain locked:

  • For 10 minutes, after which time they are automatically unlocked.
  • Until an administrator unlocks them from the Admin Area or the command line in under 10 minutes.

GitLab.com users

If 2FA is not enabled users are locked after three failed sign-in attempts within 24 hours. These users remain locked until:

  • Their next successful sign-in, at which point they are sent an email with a six-digit unlock code and redirected to a verification page where they can unlock their account by entering the code.
  • GitLab Support manually unlock the account after account ownership is verified.

If 2FA is enabled, users are locked after five failed sign-in attempts within 10 minutes. Accounts are unlocked automatically after 10 minutes.

Unlock a user from the Admin Area

  1. On the left sidebar, expand the top-most chevron ({chevron-down}).
  2. Select Admin Area.
  3. On the left sidebar, select Overview > Users.
  4. Use the search bar to find the locked user.
  5. From the User administration dropdown list, select Unlock.

Unlock a user from the command line

To unlock a locked user:

  1. SSH into your GitLab server.

  2. Start a Ruby on Rails console:

    ## For Omnibus GitLab
    sudo gitlab-rails console -e production
    ## For installations from source
    sudo -u git -H bundle exec rails console -e production
  3. Find the user to unlock. You can search by email or ID.

    user = User.find_by(email: 'admin@local.host')


    user = User.where(id: 1).first
  4. Unlock the user:

  5. Exit the console with Control+d

The user should now be able to sign in.