Section 4: Identity Management
ASA Local Authentication
It's not clear to my why HTTP-USER would get locked out after 3 but NO-LOCK would not
aaa local authentication attempts max-fail 3
username HTTP-USER password HTTP-PASS privilege 15
username NO-LOCK password NO-LOCK privilege 15