diff --git a/app/controllers/password_resets_controller.rb b/app/controllers/password_resets_controller.rb
index 48f99549485b45c1a31c82b0ae705536cea8de80..82021312002d658b319b276e593dae6b6ad1a910 100644
--- a/app/controllers/password_resets_controller.rb
+++ b/app/controllers/password_resets_controller.rb
@@ -19,7 +19,6 @@ class PasswordResetsController < ApplicationController
 include Emailer
- before_action :disable_password_reset, unless: -> { Rails.configuration.enable_email_verification }
 before_action :find_user, only: [:edit, :update]
 before_action :check_expiration, only: [:edit, :update]
@@ -83,11 +82,6 @@ class PasswordResetsController < ApplicationController
 redirect_to new_password_reset_url, alert: I18n.t("expired_reset_token") if @user.password_reset_expired?
 end
- # Redirects to 404 if emails are not enabled
- def disable_password_reset
- redirect_to '/404'
- end
-
 # Checks that the captcha passed is valid
 def valid_captcha
 return true unless Rails.configuration.recaptcha_enabled
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 0534d71f266953b4099149ea3f4cbf1f944501f1..35925a7366d4b348f4456fd3fe48cdfed21b0123 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -67,9 +67,6 @@ class SessionsController < ApplicationController
 user = User.include_deleted.find_by(email: session_params[:email].downcase)
- # Check if account is locked out due to too many attempts
- return redirect_to(signin_path, alert: I18n.t("login_page.locked_out")) if user.locked_out?
-
 is_super_admin = user&.has_role? :super_admin
 # Scope user to domain if the user is not a super admin
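Review bot: With the `disable_password_reset` guard removed from the `before_action` list, the reset actions now run regardless of `Rails.configuration.enable_email_verification`, so a reset request reaches the mailer path even on deployments that switched email off; nothing in this hunk checks that mail delivery is actually configured, so presumably `create` (outside the hunk) either raises or silently drops the reset mail in that case. Worth confirming against `create`, and if password reset is meant to be always-on, say so next to the remaining filters: `# Password reset is available regardless of enable_email_verification; create relies on a working mailer`.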
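Review bot: The new side of this hunk and of the `@@ -84` hunk below drops both the `locked_out?` redirect and the `failed_attempts` increment, and the matching lockout specs in `spec/controllers/sessions_controller_spec.rb` are deleted, so nothing visible in this commit limits repeated password guesses against the sign-in action. If throttling moved to another layer (rate-limiting middleware, an upstream proxy), record that where the check used to live, e.g. `# Brute-force throttling for sign-in is handled by <LAYER> (see <FILE>)`; if it did not, this is a regression and the counter should stay until its replacement lands. Should the check be reinstated, note that `user` can be `nil` here (the next line already uses `user&.has_role?`), so it needs `user&.locked_out?`. The enclosing action starts before this hunk and ends after it.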
@@ -84,7 +81,6 @@ class SessionsController < ApplicationController
 # Check correct password was entered
 unless user.try(:authenticate, session_params[:password])
 logger.info "Support: #{session_params[:email]} login failed."
- user.update(failed_attempts: user.failed_attempts.to_i + 1, last_failed_attempt: DateTime.now)
 return redirect_to(signin_path, alert: I18n.t("invalid_credentials"))
 end
@@ -142,7 +138,12 @@ flash: { alert: I18n.t("registration.insecure_password") } unless user.secure_pa
 ldap_config[:bind_dn] = ENV['LDAP_BIND_DN']
 ldap_config[:password] = ENV['LDAP_PASSWORD']
 ldap_config[:auth_method] = ENV['LDAP_AUTH']
- ldap_config[:encryption] = ldap_encryption
+ ldap_config[:encryption] = case ENV['LDAP_METHOD']
+ when 'ssl'
+ 'simple_tls'
+ when 'tls'
+ 'start_tls'
+ end
 ldap_config[:base] = ENV['LDAP_BASE']
 ldap_config[:filter] = ENV['LDAP_FILTER']
 ldap_config[:uid] = ENV['LDAP_UID']
diff --git a/config/application.rb b/config/application.rb
index f971b59a3a9152de6396231cbd6dd3a6bfd8600b..80ec53b5a8e31487ec5d13b1eb77e2717016ee2b 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -182,7 +182,7 @@ module Greenlight
 config.moderator_codes_default = "disabled"
 # Default admin password
- config.admin_password_default = ENV['ADMIN_PASSWORD'] || 'administrator'
+ config.admin_password_default = ENV['ADMIN_PASSWORD'] || 'Administrator1!'
 # Max avatar image size
 config.max_avatar_size = ENV['MAX_AVATAR_SIZE'].to_i.zero? ? 100_000 : ENV['MAX_AVATAR_SIZE'].to_i
diff --git a/spec/controllers/password_resets_controller_spec.rb b/spec/controllers/password_resets_controller_spec.rb
index a48fa2f308cc4ca3f709f7a15e3d65abbd29d653..2bcf5326bd5a7d0cf07c033d07e8238bdb03e33c 100644
--- a/spec/controllers/password_resets_controller_spec.rb
+++ b/spec/controllers/password_resets_controller_spec.rb
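Review bot: The `case ENV['LDAP_METHOD']` on the added lines of the `@@ -142` hunk has no `else`, so any value other than exactly `'ssl'` or `'tls'` (unset, `'plain'`, `'SSL'`, a typo) leaves `ldap_config[:encryption]` as `nil` and the bind carrying `ENV['LDAP_PASSWORD']` goes out unencrypted with nothing in the logs to show it. That may well match what the removed `ldap_encryption` helper did, but an explicit branch makes the downgrade visible to the operator: `else` / `logger.warn "LDAP_METHOD=#{ENV['LDAP_METHOD'].inspect} is not 'ssl' or 'tls'; connecting to LDAP without encryption"` / `nil`. The enclosing method starts and ends outside the hunk.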
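Review bot: `config.admin_password_default` in the `config/application.rb` hunk still falls back to a fixed string committed to the repository when `ADMIN_PASSWORD` is unset; replacing `'administrator'` with `'Administrator1!'` satisfies a complexity rule but the value is just as public, so a deployment that forgets the variable gets an admin account with a known password. Consider restricting the fallback to non-production, e.g. `config.admin_password_default = ENV['ADMIN_PASSWORD'] || (Rails.env.production? ? nil : 'Administrator1!')`, and having whatever consumes `admin_password_default` (not in this diff) refuse to seed the admin when it is `nil`. At minimum the comment above it should read `# Default admin password, used only when ADMIN_PASSWORD is unset; not safe outside development`.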
@@ -62,15 +62,6 @@ describe PasswordResetsController, type: :controller do
 end
 end
- context "does not allow mail notifications" do
- before { allow(Rails.configuration).to receive(:enable_email_verification).and_return(false) }
-
- it "renders a 404 page upon if email notifications are disabled" do
- get :create
- expect(response).to redirect_to("/404")
- end
- end
-
 context "reCAPTCHA enabled" do
 before do
 allow(Rails.configuration).to receive(:enable_email_verification).and_return(true)
diff --git a/spec/controllers/sessions_controller_spec.rb b/spec/controllers/sessions_controller_spec.rb
index df1313c15e66e8081bd9ffa992d146c1ec3647c3..a99dba3188eea44dedbe16133199d6101c3f953c 100644
--- a/spec/controllers/sessions_controller_spec.rb
+++ b/spec/controllers/sessions_controller_spec.rb
@@ -302,39 +302,6 @@ describe SessionsController, type: :controller do
 expect(response).to redirect_to(edit_password_reset_path("reset_token"))
 end
-
- context "account lockout due to failed attempts" do
- it "increases failed_attempts if the credentials are incorrect" do
- freeze_time do
- 3.times do
- post :create, params: {
- session: {
- email: @user1.email,
- password: 'invalid',
- },
- }
- end
-
- expect(@user1.reload.failed_attempts).to eq(3)
- expect(@user1.last_failed_attempt).to eq(DateTime.now)
- end
- end
-
- it "locks out the user if the attempts are > 5 in the past 24 hours" do
- @user1.update(failed_attempts: 6, last_failed_attempt: 5.minutes.ago)
-
- post :create, params: {
- session: {
- email: @user1.email,
- password: 'Example1!',
- },
- }
-
- expect(@request.session[:user_id]).to be_nil
- expect(flash[:alert]).to eq(I18n.t("login_page.locked_out"))
- expect(response).to redirect_to(signin_path)
- end
- end
 end
 describe "GET/POST #omniauth" do