# Failed login attempts

Failed logins are recorded when the provided password for a registered user account does not match the password stored in the ACL.

Account verification will be removed if the number of failed logins reaches the maximum number of allowed failed login attempts (default 3).

The maximum number for failed login attempts can be set in the [**FAILED\_ATTEMPTS environment setting**](https://geolytix.gitbook.io/xyz-developer-guide/environment-settings/access-control).

A new verification request can be generated with the [**registration**](https://geolytix.gitbook.io/xyz-developer-guide/access/registration) / [**password reset endpoint**](https://geolytix.gitbook.io/xyz-developer-guide/access/password-reset).