However, not all accounts are typically LDAP-enabled.
As of Clear Quest Fix Pack 6 (220.127.116.11) for 8.0.1, a built-in mechanism for brute-force protection is available that includes account lock outs.
Workaround Use the Clear Quest for Windows client or the standard Clear Quest (Eclipse RCP) client to perform multi-record update with all field types and all actions.
It allows you to modify text box fields that are either short-string, multi-line, or date-time fields.
* 18 March 2015: Update for built-in brute-force feature. *The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score.
* 7 April 2015: Update with clarifications on brute-force vs. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
*For Clear Quest 18.104.22.168, 22.214.171.124, 126.96.36.199 and newer, a one second delay is added after the login failure.
This is intended to assist in delaying an attacker while giving the Clear Quest administrator more time to detect the attack and take action.