The VSHN Account is used to login to VSHN services like the Portal. It is used for VSHNeers as well as VSHN customers.
Limits for password brute-force attacks are in place:
Account is locked for 30 minutes if 10 authentication (bind) attempts have failed
Password must be changed if 100 authentication (bind) attempts have failed
Counter is reset if one attempt has been successful
Since LDAP is used as an authentication back-end for most services, these limits apply to all of those systems as well, assuming that they use bind calls to verify the password. In particular, the limits apply to control.vshn.net. They are also active on the development LDAP server.
You can change the password at control.vshn.net/ on the top right at your profile icon.
If you use applications like Email clients, Nextcloud sync client, etc. running, make sure they don’t try to login after you changed your password. Because of the brute force protection this could lead to unsuccessful logins.