As a Inactive user role if i login with Mendix login screen Its giving error like Username and password is incorrect but correct behaviour is like it should say Your account is not active

Steps :  1] From Administration screen created one X user and made active. 2] I was able to login with  X user when it is active Now I once again logged in as Admin , I intentionally did inactive the user X 1] Now iam trying to login by user x it giving me error saying your account name or password is wrong but it should say like '’Account is inactive '’ If anyone has an idea to show the "Account is inactive ” message .  
1 answers

You could create your own login page and display more detailed error messages. However, it is an accepted practice to show a user as few details as possible when authentication fails, so that an attacker of your system can’t get the information either:

  • If it says: user does not exist, an attacker knows he should try a different user name
  • If it says: password is incorrect, the attacker now knows that the account exists
  • If it says: your account is disabled, the attacker now knows that the account exists and that the password is correct


By having a generic message, the attacker learns nothing.