BMS Security | Troubleshooting account lockout


BMS released a new feature recently which focuses on password policy. Admins now can set password and account policies for their tenant users at BMS > Admin > Security > Password Policy. The default number of failed login attempts is set to 5. You can customize this as required. The default length of time to disable the account is set to 30 minutes.


If you attempted five logins and they failed consecutively, you will be locked out of the account, and you will receive the following email alert - "Your PSA account has been locked for X minutes due to an excessive number of unsuccessful log in attempts."


This might be because you entered an incorrect username or password on the VSA, IT Glue or on a third party application's side.


  1. Check the active integration for the user account in question under BMS > My profile > Settings > Integration page.
  2. Check the username used for the integration with VSA, IT Glue, or any 3rd part applications. The username and password should be the same as the one used in BMS > HR > Employee page of the user.
  3. Go to the respective third party's BMS integration configuration page and test the integration. If the integration test failed, the username or password entered on the third party's BMS integration page could be wrong.
  4. Deactivate the integration from the third party application's side.
  5. Go to BMS > Employee page > respective user. Reset the user's password.
  6. Return to the third party application's BMS integration page, edit the password field and enter the correct password. Save the new password.
  7. Activate the integration from the third party's BMS integration page.

For VSA and IT Glue

VSA: Go to VSA > BMS Integration > Sync Configuration. Click Test. If the test failed, click the Edit button to edit the password. Save it. Then follow steps 4 to 7 mentioned above.


IT Glue: Go to IT Glue > Integrations > Active Integrations page. If the status is not mentioned as OK, click Actions > Edit Credentials to edit the password. Save it. Then follow steps 4 to 7 mentioned above.




Use the API user account instead of the employee account to prevent these lockouts. This account does not take up license and we cannot log into BMS UI with an API account credentials. It is just for integration purpose. For more information, see Dedicated API Integration Account in PSA.

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section