diff --git a/admin/app/controllers/users/user/user.controller.js b/admin/app/controllers/users/user/user.controller.js
index 71063a83..a062907d 100644
--- a/admin/app/controllers/users/user/user.controller.js
+++ b/admin/app/controllers/users/user/user.controller.js
@@ -186,6 +186,41 @@ app.controller('UserController', function ($scope,
 		});
 	};
 
+	$scope.unlockUser = function (user){
+		SweetAlert.swal({
+			title: $translate.instant("SWEET.UNLOCK_TITLE"),
+			type: "warning",
+			showCancelButton: true,
+			confirmButtonColor: "#DD6B55",
+			confirmButtonText: $translate.instant("SWEET.UNLOCK_CONFIRM_BUTTON_TEXT"),
+			cancelButtonText: $translate.instant("SWEET.CANCEL_BUTTON_TEXT"),
+			closeOnConfirm: true,
+			closeOnCancel: true
+		},function (isConfirm) {
+			if (isConfirm) {
+				let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
+				UserService.unlockUser(user, headers, function (response) {
+					if (angular.isDefined(response.status) && response.status === 200) {
+						toaster.pop({
+							type: "success",
+							title: $translate.instant("TOASTER.SUCCESS_TITLE"),
+							body: $translate.instant("TOASTER.SUCCESS_UNLOCK_BODY", { template: $translate.instant("SETTING.USER") }),
+							showCloseButton: true,
+						});
+						$scope.getAllUsers();
+					} else {
+						toaster.pop({
+							type: "error",
+							title: $translate.instant("TOASTER.ERROR_UNLOCK_BODY", { template: $translate.instant("SETTING.USER") }),
+							body: $translate.instant(response.data.description),
+							showCloseButton: true,
+						});
+					}
+				});
+			}
+		});
+	};
+
 	$scope.getAllUsers();
 	$scope.getAllPrivileges();
 
diff --git a/admin/app/services/users/user/user.service.js b/admin/app/services/users/user/user.service.js
index 29d39962..be8b2c02 100644
--- a/admin/app/services/users/user/user.service.js
+++ b/admin/app/services/users/user/user.service.js
@@ -64,6 +64,14 @@ app.factory('UserService', function($http) {
             }, function (response) {
                 callback(response);
             }); 
+        },
+        unlockUser: function(user, headers, callback){
+            $http.put(getAPI()+'users/unlock/'+ user.id, {user}, {headers})
+            .then(function (response) {
+                callback(response);
+            }, function (response) {
+                callback(response);
+            });
         }
     };
 });  
\ No newline at end of file
diff --git a/admin/app/translations.js b/admin/app/translations.js
index 5251e020..61e516c9 100644
--- a/admin/app/translations.js
+++ b/admin/app/translations.js
@@ -1107,6 +1107,7 @@ function config($translateProvider) {
                 BIND_PROPERTY: '绑定属性',
                 EDIT: '修改',
                 DELETE: '删除',
+                UNLOCK: '解锁',
                 SELECT: '选择',
                 RESET: '重置',
                 SAVE: '保存',
@@ -1544,9 +1545,11 @@ function config($translateProvider) {
                 SUCCESS_ADD_BODY: '添加 {{template}} 成功',
                 SUCCESS_UPDATE_BODY: '更新 {{template}} 成功',
                 SUCCESS_DELETE_BODY: '删除 {{template}} 成功',
+                SUCCESS_UNLOCK_BODY: '解锁 {{template}} 成功',
                 ERROR_ADD_BODY: '添加 {{template}} 失败',
                 ERROR_UPDATE_BODY: '更新 {{template}} 失败',
                 ERROR_DELETE_BODY: '删除 {{template}} 失败',
+                ERROR_UNLOCK_BODY: '解锁 {{template}} 失败',
 
                 USER_PASSWORD: '用户密码',
                 BIND_METER_SUCCESS: '绑定计量表成功',
@@ -1573,6 +1576,8 @@ function config($translateProvider) {
                 TEXT: '删除该条也会删除所有与其相关数据!',
                 CONFIRM_BUTTON_TEXT: '确认删除',
                 CANCEL_BUTTON_TEXT: '取消',
+                UNLOCK_TITLE: '请确认是否解锁该用户登录权限',
+                UNLOCK_CONFIRM_BUTTON_TEXT: '确认解锁'
             },
             API: {
                 ADMINISTRATOR_SESSION_NOT_FOUND: 'Administrator Session Not Found',
diff --git a/admin/views/users/user/user.html b/admin/views/users/user/user.html
index 9ea9b675..eae9dd2d 100644
--- a/admin/views/users/user/user.html
+++ b/admin/views/users/user/user.html
@@ -36,6 +36,7 @@
 												<a class="btn btn-primary btn-rounded btn-xs" ng-click="editUser(user)" >{{'SETTING.EDIT' | translate}}</a>
 												<a ng-hide="user.name=='administrator'" class="btn btn-info btn-rounded btn-xs" ng-click="resetPassword(user)" >{{'USER.RESET_PASSWORD' | translate}}</a>
 												<a ng-hide="user.name=='administrator'" ng-click="deleteUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.DELETE' | translate}}</a>
+												<a ng-hide="user.failed_login_count < 3" ng-click="unlockUser(user)" class="btn btn-danger btn-rounded btn-xs" >{{'SETTING.UNLOCK' | translate}}</a>
 											</td>
 										</tr>
 									</tbody>
diff --git a/myems-api/app.py b/myems-api/app.py
index abadcf81..a6bf2b8e 100644
--- a/myems-api/app.py
+++ b/myems-api/app.py
@@ -464,6 +464,8 @@ api.add_route('/users/resetpassword',
               user.ResetPassword())
 api.add_route('/users/changepassword',
               user.ChangePassword())
+api.add_route('/users/unlock/{id_}',
+              user.Unlock())
 
 api.add_route('/virtualmeters',
               virtualmeter.VirtualMeterCollection())
diff --git a/myems-api/config.py b/myems-api/config.py
index 29b019ae..3a9bb99b 100644
--- a/myems-api/config.py
+++ b/myems-api/config.py
@@ -1,154 +1,97 @@
 from decouple import config
 
 
-MYEMS_SYSTEM_DB_HOST = config('MYEMS_SYSTEM_DB_HOST', default='127.0.0.1')
-MYEMS_SYSTEM_DB_PORT = config('MYEMS_SYSTEM_DB_PORT', default=3306, cast=int)
-MYEMS_SYSTEM_DB_DATABASE = config('MYEMS_SYSTEM_DB_DATABASE', default='myems_system_db')
-MYEMS_SYSTEM_DB_USER = config('MYEMS_SYSTEM_DB_USER', default='root')
-MYEMS_SYSTEM_DB_PASSWORD = config('MYEMS_SYSTEM_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_ENERGY_DB_HOST = config('MYEMS_ENERGY_DB_HOST', default='127.0.0.1')
-MYEMS_ENERGY_DB_PORT = config('MYEMS_ENERGY_DB_PORT', default=3306, cast=int)
-MYEMS_ENERGY_DB_DATABASE = config('MYEMS_ENERGY_DB_DATABASE', default='myems_energy_db')
-MYEMS_ENERGY_DB_USER = config('MYEMS_ENERGY_DB_USER', default='root')
-MYEMS_ENERGY_DB_PASSWORD = config('MYEMS_ENERGY_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_ENERGY_BASELINE_DB_HOST = config('MYEMS_ENERGY_BASELINE_DB_HOST', default='127.0.0.1')
-MYEMS_ENERGY_BASELINE_DB_PORT = config('MYEMS_ENERGY_BASELINE_DB_PORT', default=3306, cast=int)
-MYEMS_ENERGY_BASELINE_DB_DATABASE = config('MYEMS_ENERGY_BASELINE_DB_DATABASE', default='myems_energy_baseline_db')
-MYEMS_ENERGY_BASELINE_DB_USER = config('MYEMS_ENERGY_BASELINE_DB_USER', default='root')
-MYEMS_ENERGY_BASELINE_DB_PASSWORD = config('MYEMS_ENERGY_BASELINE_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_BILLING_DB_HOST = config('MYEMS_BILLING_DB_HOST', default='127.0.0.1')
-MYEMS_BILLING_DB_PORT = config('MYEMS_BILLING_DB_PORT', default=3306, cast=int)
-MYEMS_BILLING_DB_DATABASE = config('MYEMS_BILLING_DB_DATABASE', default='myems_billing_db')
-MYEMS_BILLING_DB_USER = config('MYEMS_BILLING_DB_USER', default='root')
-MYEMS_BILLING_DB_PASSWORD = config('MYEMS_BILLING_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_BILLING_BASELINE_DB_HOST = config('MYEMS_BILLING_BASELINE_DB_HOST', default='127.0.0.1')
-MYEMS_BILLING_BASELINE_DB_PORT = config('MYEMS_BILLING_BASELINE_DB_PORT', default=3306, cast=int)
-MYEMS_BILLING_BASELINE_DB_DATABASE = config('MYEMS_BILLING_BASELINE_DB_DATABASE', default='myems_billing_baseline_db')
-MYEMS_BILLING_BASELINE_DB_USER = config('MYEMS_BILLING_BASELINE_DB_USER', default='root')
-MYEMS_BILLING_BASELINE_DB_PASSWORD = config('MYEMS_BILLING_BASELINE_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_HISTORICAL_DB_HOST = config('MYEMS_HISTORICAL_DB_HOST', default='127.0.0.1')
-MYEMS_HISTORICAL_DB_PORT = config('MYEMS_HISTORICAL_DB_PORT', default=3306, cast=int)
-MYEMS_HISTORICAL_DB_DATABASE = config('MYEMS_HISTORICAL_DB_DATABASE', default='myems_historical_db')
-MYEMS_HISTORICAL_DB_USER = config('MYEMS_HISTORICAL_DB_USER', default='root')
-MYEMS_HISTORICAL_DB_PASSWORD = config('MYEMS_HISTORICAL_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_USER_DB_HOST = config('MYEMS_USER_DB_HOST', default='127.0.0.1')
-MYEMS_USER_DB_PORT = config('MYEMS_USER_DB_PORT', default=3306, cast=int)
-MYEMS_USER_DB_DATABASE = config('MYEMS_USER_DB_DATABASE', default='myems_user_db')
-MYEMS_USER_DB_USER = config('MYEMS_USER_DB_USER', default='root')
-MYEMS_USER_DB_PASSWORD = config('MYEMS_USER_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_FDD_DB_HOST = config('MYEMS_FDD_DB_HOST', default='127.0.0.1')
-MYEMS_FDD_DB_PORT = config('MYEMS_FDD_DB_PORT', default=3306, cast=int)
-MYEMS_FDD_DB_DATABASE = config('MYEMS_FDD_DB_DATABASE', default='myems_fdd_db')
-MYEMS_FDD_DB_USER = config('MYEMS_FDD_DB_USER', default='root')
-MYEMS_FDD_DB_PASSWORD = config('MYEMS_FDD_DB_PASSWORD', default='!MyEMS1')
-
-MYEMS_REPORTING_DB_HOST = config('MYEMS_REPORTING_DB_HOST', default='127.0.0.1')
-MYEMS_REPORTING_DB_PORT = config('MYEMS_REPORTING_DB_PORT', default=3306, cast=int)
-MYEMS_REPORTING_DB_DATABASE = config('MYEMS_REPORTING_DB_DATABASE', default='myems_reporting_db')
-MYEMS_REPORTING_DB_USER = config('MYEMS_REPORTING_DB_USER', default='root')
-MYEMS_REPORTING_DB_PASSWORD = config('MYEMS_REPORTING_DB_PASSWORD', default='!MyEMS1')
-
-MINUTES_TO_COUNT = config('MINUTES_TO_COUNT', default=60, cast=int)
-UTC_OFFSET = config('UTC_OFFSET', default='+08:00')
-WORKING_DAY_START_TIME_LOCAL = config('WORKING_DAY_START_TIME_LOCAL', default='00:00:00')
-UPLOAD_PATH = config('UPLOAD_PATH', default='/var/www/html/admin/upload/')
-CURRENCY_UNIT = config('CURRENCY_UNIT', default='CNY')
-
 myems_system_db = {
-    'host': MYEMS_SYSTEM_DB_HOST,
-    'port': MYEMS_SYSTEM_DB_PORT,
-    'database': MYEMS_SYSTEM_DB_DATABASE,
-    'user': MYEMS_SYSTEM_DB_USER,
-    'password': MYEMS_SYSTEM_DB_PASSWORD,
+    'host': config('MYEMS_SYSTEM_DB_HOST', default='127.0.0.1'),
+    'port': config('MYEMS_SYSTEM_DB_PORT', default=3306, cast=int),
+    'database': config('MYEMS_SYSTEM_DB_DATABASE', default='myems_system_db'),
+    'user': config('MYEMS_SYSTEM_DB_USER', default='root'),
+    'password': config('MYEMS_SYSTEM_DB_PASSWORD', default='!MyEMS1'),
 }
 
 myems_energy_db = {
-    'host': MYEMS_ENERGY_DB_HOST,
-    'port': MYEMS_ENERGY_DB_PORT,
-    'database': MYEMS_ENERGY_DB_DATABASE,
-    'user': MYEMS_ENERGY_DB_USER,
-    'password': MYEMS_ENERGY_DB_PASSWORD,
+    'host': config('MYEMS_ENERGY_DB_HOST', default='127.0.0.1'),
+    'port': config('MYEMS_ENERGY_DB_PORT', default=3306, cast=int),
+    'database': config('MYEMS_ENERGY_DB_DATABASE', default='myems_energy_db'),
+    'user': config('MYEMS_ENERGY_DB_USER', default='root'),
+    'password': config('MYEMS_ENERGY_DB_PASSWORD', default='!MyEMS1'),
 }
 
 myems_energy_baseline_db = {
-    'host': MYEMS_ENERGY_BASELINE_DB_HOST,
-    'port': MYEMS_ENERGY_BASELINE_DB_PORT,
-    'database': MYEMS_ENERGY_BASELINE_DB_DATABASE,
-    'user': MYEMS_ENERGY_BASELINE_DB_USER,
-    'password': MYEMS_ENERGY_BASELINE_DB_PASSWORD,
+    'host': config('MYEMS_ENERGY_BASELINE_DB_HOST', default='127.0.0.1'),
+    'port': config('MYEMS_ENERGY_BASELINE_DB_PORT', default=3306, cast=int),
+    'database': config('MYEMS_ENERGY_BASELINE_DB_DATABASE', default='myems_energy_baseline_db'),
+    'user': config('MYEMS_ENERGY_BASELINE_DB_USER', default='root'),
+    'password': config('MYEMS_ENERGY_BASELINE_DB_PASSWORD', default='!MyEMS1'),
 }
 
 myems_billing_db = {
-    'host': MYEMS_BILLING_DB_HOST,
-    'port': MYEMS_BILLING_DB_PORT,
-    'database': MYEMS_BILLING_DB_DATABASE,
-    'user': MYEMS_BILLING_DB_USER,
-    'password': MYEMS_BILLING_DB_PASSWORD,
+    'host': config('MYEMS_BILLING_DB_HOST', default='127.0.0.1'),
+    'port': config('MYEMS_BILLING_DB_PORT', default=3306, cast=int),
+    'database': config('MYEMS_BILLING_DB_DATABASE', default='myems_billing_db'),
+    'user': config('MYEMS_BILLING_DB_USER', default='root'),
+    'password': config('MYEMS_BILLING_DB_PASSWORD', default='!MyEMS1'),
 }
 
 myems_billing_baseline_db = {
-    'host': MYEMS_BILLING_BASELINE_DB_HOST,
-    'port': MYEMS_BILLING_BASELINE_DB_PORT,
-    'database': MYEMS_BILLING_BASELINE_DB_DATABASE,
-    'user': MYEMS_BILLING_BASELINE_DB_USER,
-    'password': MYEMS_BILLING_BASELINE_DB_PASSWORD,
+    'host': config('MYEMS_BILLING_BASELINE_DB_HOST', default='127.0.0.1'),
+    'port': config('MYEMS_BILLING_BASELINE_DB_PORT', default=3306, cast=int),
+    'database': config('MYEMS_BILLING_BASELINE_DB_DATABASE', default='myems_billing_baseline_db'),
+    'user': config('MYEMS_BILLING_BASELINE_DB_USER', default='root'),
+    'password': config('MYEMS_BILLING_BASELINE_DB_PASSWORD', default='!MyEMS1'),
 }
 
 myems_historical_db = {
-    'host': MYEMS_HISTORICAL_DB_HOST,
-    'port': MYEMS_HISTORICAL_DB_PORT,
-    'database': MYEMS_HISTORICAL_DB_DATABASE,
-    'user': MYEMS_HISTORICAL_DB_USER,
-    'password': MYEMS_HISTORICAL_DB_PASSWORD,
+    'host': config('MYEMS_HISTORICAL_DB_HOST', default='127.0.0.1'),
+    'port': config('MYEMS_HISTORICAL_DB_PORT', default=3306, cast=int),
+    'database': config('MYEMS_HISTORICAL_DB_DATABASE', default='myems_historical_db'),
+    'user': config('MYEMS_HISTORICAL_DB_USER', default='root'),
+    'password': config('MYEMS_HISTORICAL_DB_PASSWORD', default='!MyEMS1'),
 }
 
 myems_user_db = {
-    'host': MYEMS_USER_DB_HOST,
-    'port': MYEMS_USER_DB_PORT,
-    'database': MYEMS_USER_DB_DATABASE,
-    'user': MYEMS_USER_DB_USER,
-    'password': MYEMS_USER_DB_PASSWORD,
+    'host': config('MYEMS_USER_DB_HOST', default='127.0.0.1'),
+    'port': config('MYEMS_USER_DB_PORT', default=3306, cast=int),
+    'database': config('MYEMS_USER_DB_DATABASE', default='myems_user_db'),
+    'user': config('MYEMS_USER_DB_USER', default='root'),
+    'password': config('MYEMS_USER_DB_PASSWORD', default='!MyEMS1'),
 }
 
 myems_fdd_db = {
-    'host': MYEMS_FDD_DB_HOST,
-    'port': MYEMS_FDD_DB_PORT,
-    'database': MYEMS_FDD_DB_DATABASE,
-    'user': MYEMS_FDD_DB_USER,
-    'password': MYEMS_FDD_DB_PASSWORD,
+    'host': config('MYEMS_FDD_DB_HOST', default='127.0.0.1'),
+    'port': config('MYEMS_FDD_DB_PORT', default=3306, cast=int),
+    'database': config('MYEMS_FDD_DB_DATABASE', default='myems_fdd_db'),
+    'user': config('MYEMS_FDD_DB_USER', default='root'),
+    'password': config('MYEMS_FDD_DB_PASSWORD', default='!MyEMS1'),
 }
 
 myems_reporting_db = {
-    'host': MYEMS_REPORTING_DB_HOST,
-    'port': MYEMS_REPORTING_DB_PORT,
-    'database': MYEMS_REPORTING_DB_DATABASE,
-    'user': MYEMS_REPORTING_DB_USER,
-    'password': MYEMS_REPORTING_DB_PASSWORD,
+    'host': config('MYEMS_REPORTING_DB_HOST', default='127.0.0.1'),
+    'port': config('MYEMS_REPORTING_DB_PORT', default=3306, cast=int),
+    'database': config('MYEMS_REPORTING_DB_DATABASE', default='myems_reporting_db'),
+    'user': config('MYEMS_REPORTING_DB_USER', default='root'),
+    'password': config('MYEMS_REPORTING_DB_PASSWORD', default='!MyEMS1'),
 }
 
 # indicated in how many minutes to calculate meter energy consumption
 # 30 for half hourly period
 # 60 for hourly period
-minutes_to_count = MINUTES_TO_COUNT
+minutes_to_count = config('MINUTES_TO_COUNT', default=60, cast=int)
 
 # indicates the project's time zone offset from UTC
-utc_offset = UTC_OFFSET
+utc_offset = config('UTC_OFFSET', default='+08:00')
 
 # indicates from when ( in local timezone) of the day to calculate working days
-working_day_start_time_local = WORKING_DAY_START_TIME_LOCAL
+working_day_start_time_local = config('WORKING_DAY_START_TIME_LOCAL', default='00:00:00')
 
 # indicates where user uploaded files will be saved to
 # must use the root folder of myems-admin web application
 # for example if you serve myems-admin at /var/www/html/admin
 # you should set the upload_path as below
-upload_path = UPLOAD_PATH
+upload_path = config('UPLOAD_PATH', default='/var/www/html/admin/upload/')
 
 # main currency unit
-currency_unit = CURRENCY_UNIT
+currency_unit = config('CURRENCY_UNIT', default='CNY')
+
+# maximum failed login count, otherwise the user should be locked
+maximum_failed_login_count = config('MAXIMUM_FAILED_LOGIN_COUNT', default=6, cast=int)
diff --git a/myems-api/core/user.py b/myems-api/core/user.py
index 8c8fd9f5..aefd2e83 100644
--- a/myems-api/core/user.py
+++ b/myems-api/core/user.py
@@ -27,7 +27,7 @@ class UserCollection:
         cursor = cnx.cursor()
         query = (" SELECT u.id, u.name, u.display_name, u.uuid, "
                  "        u.email, u.is_admin, p.id, p.name, "
-                 "        u.account_expiration_datetime_utc, u.password_expiration_datetime_utc "
+                 "        u.account_expiration_datetime_utc, u.password_expiration_datetime_utc, u.failed_login_count "
                  " FROM tbl_users u "
                  " LEFT JOIN tbl_privileges p ON u.privilege_id = p.id "
                  " ORDER BY u.name ")
@@ -59,7 +59,8 @@ class UserCollection:
                                "account_expiration_datetime":
                                    account_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
                                "password_expiration_datetime":
-                                   password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S')}
+                                   password_expiration_datetime_local.strftime('%Y-%m-%dT%H:%M:%S'),
+                               "failed_login_count": row[10]}
                 result.append(meta_result)
 
         resp.text = json.dumps(result)
@@ -444,7 +445,7 @@ class UserLogin:
                                        description='API.INVALID_USER_NAME')
 
             query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, "
-                     "        account_expiration_datetime_utc, password_expiration_datetime_utc "
+                     "        account_expiration_datetime_utc, password_expiration_datetime_utc, failed_login_count "
                      " FROM tbl_users "
                      " WHERE name = %s ")
             cursor.execute(query, (str.strip(new_values['data']['name']).lower(),))
@@ -463,7 +464,8 @@ class UserLogin:
                       "password": row[6],
                       "is_admin": True if row[7] else False,
                       "account_expiration_datetime_utc": row[8],
-                      "password_expiration_datetime_utc": row[9]}
+                      "password_expiration_datetime_utc": row[9],
+                      "failed_login_count": row[10]}
 
         elif 'email' in new_values['data']:
             if not isinstance(new_values['data']['email'], str) or \
@@ -472,7 +474,7 @@ class UserLogin:
                                        description='API.INVALID_EMAIL')
 
             query = (" SELECT id, name, uuid, display_name, email, salt, password, is_admin, "
-                     "        account_expiration_datetime_utc, password_expiration_datetime_utc "
+                     "        account_expiration_datetime_utc, password_expiration_datetime_utc,failed_login_count "
                      " FROM tbl_users "
                      " WHERE email = %s ")
             cursor.execute(query, (str.strip(new_values['data']['email']).lower(),))
@@ -491,22 +493,45 @@ class UserLogin:
                       "password": row[6],
                       "is_admin": True if row[7] else False,
                       "account_expiration_datetime_utc": row[8],
-                      "password_expiration_datetime_utc": row[9]}
+                      "password_expiration_datetime_utc": row[9],
+                      "failed_login_count": row[10]}
+
         else:
             cursor.close()
             cnx.disconnect()
             raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
                                    description='API.INVALID_USER_NAME_OR_EMAIL')
 
+        failed_login_count = result['failed_login_count']
+
+        if failed_login_count >= config.maximum_failed_login_count:
+            cursor.close()
+            cnx.disconnect()
+            raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_HAS_BEEN_LOCKED')
+
         salt = result['salt']
         password = str.strip(new_values['data']['password'])
         hashed_password = hashlib.sha512(salt.encode() + password.encode()).hexdigest()
 
         if hashed_password != result['password']:
+            update_failed_login_count = (" UPDATE tbl_users "
+                                         " SET failed_login_count = %s "
+                                         " WHERE uuid = %s ")
+            user_uuid = result['uuid']
+            cursor.execute(update_failed_login_count, (failed_login_count + 1, user_uuid))
+            cnx.commit()
             cursor.close()
             cnx.disconnect()
             raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_PASSWORD')
 
+        if failed_login_count != 0:
+            update_failed_login_count = (" UPDATE tbl_users "
+                                         " SET failed_login_count = 0 "
+                                         " WHERE uuid = %s ")
+            user_uuid = result['uuid']
+            cursor.execute(update_failed_login_count, (user_uuid, ))
+            cnx.commit()
+
         if result['account_expiration_datetime_utc'] <= datetime.utcnow():
             cursor.close()
             cnx.disconnect()
@@ -828,3 +853,72 @@ class ResetPassword:
         resp.status = falcon.HTTP_200
         write_log(user_uuid=admin_user_uuid, request_method='PUT', resource_type='ResetPassword',
                   resource_id=user_id, request_body=None)
+
+
+class Unlock:
+    @staticmethod
+    def __init__():
+        """Initializes Class"""
+        pass
+
+    @staticmethod
+    def on_options(req, resp):
+        resp.status = falcon.HTTP_200
+
+    @staticmethod
+    def on_put(req, resp, id_):
+        """Handles PUT requests"""
+        if 'USER-UUID' not in req.headers or \
+                not isinstance(req.headers['USER-UUID'], str) or \
+                len(str.strip(req.headers['USER-UUID'])) == 0:
+            raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
+                                   description='API.INVALID_USER_UUID')
+        admin_user_uuid = str.strip(req.headers['USER-UUID'])
+
+        if not id_.isdigit() or int(id_) <= 0:
+            raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
+                                   description='API.INVALID_USER_ID')
+
+        Id = id_
+
+        cnx = mysql.connector.connect(**config.myems_user_db)
+        cursor = cnx.cursor()
+
+        query = (" SELECT failed_login_count "
+                 " FROM tbl_users "
+                 " WHERE id = %s ")
+        cursor.execute(query, (Id,))
+        row = cursor.fetchone()
+        if row is None:
+            cursor.close()
+            cnx.disconnect()
+            raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.INVALID_Id')
+
+        failed_login_count = row[0]
+        if failed_login_count < config.maximum_failed_login_count:
+            cursor.close()
+            cnx.disconnect()
+            raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.USER_ACCOUNT_IS_NOT_LOCKED')
+
+        update_user = (" UPDATE tbl_users "
+                       " SET failed_login_count = 0"
+                       " WHERE id = %s ")
+        cursor.execute(update_user, (Id, ))
+        cnx.commit()
+
+        query = (" SELECT failed_login_count "
+                 " FROM tbl_users "
+                 " WHERE id = %s ")
+        cursor.execute(query, (Id,))
+        row = cursor.fetchone()
+        if row is None or row[0] != 0:
+            cursor.close()
+            cnx.disconnect()
+            raise falcon.HTTPError(falcon.HTTP_400, 'API.BAD_REQUEST', 'API.ACCOUNT_UNLOCK_FAILED')
+
+        cursor.close()
+        cnx.disconnect()
+        resp.text = json.dumps("OK")
+        resp.status = falcon.HTTP_200
+        write_log(user_uuid=admin_user_uuid, request_method='PUT', resource_type='UnlockUser',
+                  resource_id=Id, request_body=None)