The vast majority of customers using the mobile apps use them as they should, but there will always be users who will try to game the system for their own benefit. Passenger Cloud has automatic systems in place to help identify these users and encourage them to use the system fairly.
Login Lock is one of the automatic systems we use and is designed to reduce potential fraudulent activity without penalising everyone.
What causes Passenger Cloud to activate Login Lock on a user account?
When a user logs in and out of their mobile app account the system monitors this activity and if the frequency is too high, or from more than one place, Login Lock can activate automatically.
When Login Lock is active, it is not possible to log into the account. Parts of the app that don't require logging in are still available. Login Lock deactivates automatically after 8 hours (this may be different for you depending on your settings). Customers are emailed "Account suspended" when Login Lock activates, informing them that they must change their password to re-secure their account.
As the system is designed to prevent multiple logins, and not all logins to the same account, if a user is already logged into the device when Login Lock is activated they will not be automatically logged out of the device.
It might help to think about it like this:
"It's like two people trying to use one cinema ticket. We throw one of them out and stop them coming back in. The other we leave to watch the film as they have the ticket."
Deactivating Login Lock from a customer account
Customers may have activated Login Lock on their account through behaviour that looks to the system like something that would normally cause it to activate. If you are confident that the user account should not have been locked then you can deactivate Login Lock from Passenger Cloud. Administrators can search for the user, see details of when the lock will automatically deactivate and immediately turn it off.
If an administrator overrides Login Lock manually via Passenger Cloud, the account will be protected from any further automatic Login Lock activation for a period of 24 hours.
Note: In earlier releases of Passenger Cloud, Login Lock was known as 'user banning'.