diff --git a/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenCreatingNewUserTest.php b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenCreatingNewUserTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..4b42430c0b8a81987b78d907f8b4a4c56d6db834
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenCreatingNewUserTest.php
@@ -0,0 +1,134 @@
+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Security\Test\TestCase;
+
+
+use Magento\User\Test\Page\Adminhtml\UserEdit;
+use Magento\User\Test\Page\Adminhtml\UserIndex;
+use Magento\Mtf\TestCase\Injectable;
+use Magento\User\Test\Fixture\User;
+use Magento\Backend\Test\Page\AdminAuthLogin;
+
+/**
+ * Preconditions:
+ * 1. Create admin user.
+ * 2. Configure 'Maximum Login Failures to Lockout Account'.
+ *
+ * Steps:
+ * 1. Log in to backend as admin user.
+ * 2. Navigate to System > All Users.
+ * 3. Click on Add New User.
+ * 4. Fill in all data according to data set (password is incorrect).
+ * 5. Perform action 4 specified number of times.
+ * 6. "You have entered an invalid password for current user." appears after each attempt.
+ * 7. Perform all assertions.
+ *
+ * @ZephyrId MAGETWO-49034
+ */
+class LockAdminUserWhenCreatingNewUserTest extends Injectable
+{
+ /* tags */
+ const MVP = 'yes';
+ const SEVERITY = 'S2';
+ /* end tags */
+
+ /**
+ * User grid page
+ *
+ * @var UserIndex
+ */
+ protected $userIndexPage;
+
+ /**
+ * User new/edit page
+ *
+ * @var UserEdit
+ */
+ protected $userEditPage;
+
+ /**
+ * Configuration setting.
+ *
+ * @var string
+ */
+ protected $configData;
+
+ /**
+ * @var AdminAuthLogin page
+ */
+ protected $adminAuthLogin;
+
+ /**
+ * Setup data for test.
+ * @param UserIndex $userIndex
+ * @param UserEdit $userEdit
+ * @param AdminAuthLogin $adminAuthLogin
+ */
+ public function __inject(
+ UserIndex $userIndex,
+ UserEdit $userEdit,
+ AdminAuthLogin $adminAuthLogin
+ ) {
+ $this->userIndexPage = $userIndex;
+ $this->userEditPage = $userEdit;
+ $this->adminAuthLogin = $adminAuthLogin;
+ }
+
+ /**
+ * Runs Lock admin user when creating new user test.
+ *
+ * @param int $attempts
+ * @param User $customAdmin,
+ * @param User $user,
+ * @param string $configData
+ * @return void
+ */
+ public function test(
+ $attempts,
+ User $customAdmin,
+ User $user,
+ $configData
+ ) {
+ $this->configData = $configData;
+
+ // Preconditions
+ $this->objectManager->create(
+ \Magento\Config\Test\TestStep\SetupConfigurationStep::class,
+ ['configData' => $this->configData]
+ )->run();
+ $customAdmin->persist();
+
+ // Steps
+ $this->adminAuthLogin->open();
+ $this->adminAuthLogin->getLoginBlock()->fill($customAdmin);
+ $this->adminAuthLogin->getLoginBlock()->submit();
+ $this->userIndexPage->open();
+ $this->userIndexPage->getPageActions()->addNew();
+ for ($i = 0; $i < $attempts; $i++) {
+ $this->userEditPage->getUserForm()->fill($user);
+ $this->userEditPage->getPageActions()->save();
+ }
+
+ // Reload
+ $this->adminAuthLogin->open();
+ $this->adminAuthLogin->getLoginBlock()->fill($customAdmin);
+ $this->adminAuthLogin->getLoginBlock()->submit();
+ }
+
+ /**
+ * Clean data after running test.
+ *
+ * @return void
+ */
+ public function tearDown()
+ {
+ $this->objectManager->create(
+ \Magento\Config\Test\TestStep\SetupConfigurationStep::class,
+ ['configData' => $this->configData, 'rollback' => true]
+ )->run();
+ }
+}
diff --git a/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenCreatingNewUserTest.xml b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenCreatingNewUserTest.xml
new file mode 100644
index 0000000000000000000000000000000000000000..e36f8b4625dd66eeb5a41f15c74c4bdf6e7eeeea
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenCreatingNewUserTest.xml
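Review bot: The retry loop in `test()` submits the form `$attempts` times but never checks the outcome of a single attempt, although step 6 of the class docblock says the "You have entered an invalid password for current user." message appears after each one. The only check listed for this test is the `AssertUserIsLocked` constraint in the variation, so a lockout that fires on the first failure, or a save that is accepted despite the wrong password, may go unnoticed (this depends on the constraint, which is not part of this diff). Either assert the message inside the loop or reword step 6 to what is actually verified, e.g. `* 6. Admin account is locked.`, as the Role and User tests already do. The same loop shape is in `test()` of LockAdminUserWhenEditingIntegrationTest, LockAdminUserWhenEditingRoleTest and LockAdminUserWhenEditingUserTest. The `@param` lines here also carry stray commas; they should read `@param User $customAdmin` and `@param User $user`.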
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+ -->
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/etc/variations.xsd">
+ <testCase name="Magento\Security\Test\TestCase\LockAdminUserWhenCreatingNewUserTest" summary="Lock admin user after entering incorrect password while creating new User">
+ <variation name="LockAdminUserWhenCreatingNewUserTestVariation1">
+ <data name="configData" xsi:type="string">user_lockout_failures</data>
+ <data name="tag" xsi:type="string">severity:S2</data>
+ <data name="customAdmin/dataset" xsi:type="string">custom_admin_with_default_role</data>
+ <data name="user/data/username" xsi:type="string">AdminUser%isolation%</data>
+ <data name="user/data/firstname" xsi:type="string">FirstName%isolation%</data>
+ <data name="user/data/lastname" xsi:type="string">LastName%isolation%</data>
+ <data name="user/data/email" xsi:type="string">email%isolation%@example.com</data>
+ <data name="user/data/password" xsi:type="string">123123q</data>
+ <data name="user/data/password_confirmation" xsi:type="string">123123q</data>
+ <data name="user/data/current_password" xsi:type="string">incorrect password</data>
+ <data name="attempts" xsi:type="string">4</data>
+ <constraint name="Magento\Security\Test\Constraint\AssertUserIsLocked" />
+ </variation>
+ </testCase>
+</config>
diff --git a/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingIntegrationTest.php b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingIntegrationTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..4a1c1d0507c91ea3b9a86d254f6f2c01d58a7d2d
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingIntegrationTest.php
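Review bot: `attempts` is hard-coded to `4` in this variation while the lockout threshold comes from the `user_lockout_failures` config dataset, which is not part of this diff, so the two values can drift apart without anything flagging it. If the threshold is raised, `AssertUserIsLocked` fails for a reason unrelated to the feature; if it is lowered, the later loop iterations would presumably run after the account is already locked. A comment above the `attempts` entry would make the coupling explicit: `<!-- must equal the failure threshold set by the user_lockout_failures dataset -->`. The same applies to the variations for LockAdminUserWhenEditingIntegrationTest, LockAdminUserWhenEditingRoleTest and LockAdminUserWhenEditingUserTest.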
@@ -0,0 +1,143 @@
+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Security\Test\TestCase;
+
+use Magento\Integration\Test\Fixture\Integration;
+use Magento\User\Test\Fixture\User;
+use Magento\Integration\Test\Page\Adminhtml\IntegrationIndex;
+use Magento\Integration\Test\Page\Adminhtml\IntegrationNew;
+use Magento\Mtf\TestCase\Injectable;
+use Magento\Backend\Test\Page\AdminAuthLogin;
+
+/**
+ * Preconditions:
+ * 1. Create admin user.
+ * 2. Create integration.
+ * 3. Configure 'Maximum Login Failures to Lockout Account'.
+ *
+ * Steps:
+ * 1. Log in to backend as admin user.
+ * 2. Navigate to System > Extensions > Integrations.
+ * 3. Start to edit existing Integration.
+ * 4. Fill in all data according to data set (password is incorrect).
+ * 5. Perform action 4 specified number of times.
+ * 6. "You have entered an invalid password for current user." appears after each attempt.
+ * 7. Perform all assertions.
+ *
+ * @ZephyrId MAGETWO-49039
+ */
+class LockAdminUserWhenEditingIntegrationTest extends Injectable
+{
+ /* tags */
+ const MVP = 'yes';
+ const SEVERITY = 'S2';
+ /* end tags */
+
+ /**
+ * Integration grid page.
+ *
+ * @var IntegrationIndex
+ */
+ protected $integrationIndexPage;
+
+ /**
+ * Integration new page.
+ *
+ * @var IntegrationNew
+ */
+ protected $integrationNewPage;
+
+ /**
+ * Configuration setting.
+ *
+ * @var string
+ */
+ protected $configData;
+
+ /**
+ * @var AdminAuthLogin
+ */
+ protected $adminAuthLogin;
+
+ /**
+ * Preparing pages for test.
+ *
+ * @param IntegrationIndex $integrationIndex
+ * @param IntegrationNew $integrationNew
+ * @param AdminAuthLogin $adminAuthLogin
+ * @return void
+ */
+ public function __inject(
+ IntegrationIndex $integrationIndex,
+ IntegrationNew $integrationNew,
+ AdminAuthLogin $adminAuthLogin
+ ) {
+ $this->integrationIndexPage = $integrationIndex;
+ $this->integrationNewPage = $integrationNew;
+ $this->adminAuthLogin = $adminAuthLogin;
+ }
+
+ /**
+ * Run Lock user when creating new integration test.
+ *
+ * @param Integration $initintegration
+ * @param Integration $integration
+ * @param int $attempts
+ * @param User $customAdmin
+ * @param string $configData
+ * @return void
+ */
+ public function test(
+ Integration $initintegration,
+ Integration $integration,
+ $attempts,
+ User $customAdmin,
+ $configData
+ ) {
+ $this->configData = $configData;
+
+ // Preconditions
+ $this->objectManager->create(
+ \Magento\Config\Test\TestStep\SetupConfigurationStep::class,
+ ['configData' => $this->configData]
+ )->run();
+ $customAdmin->persist();
+ $initintegration->persist();
+
+ // login to backend with new user
+ $this->adminAuthLogin->open();
+ $this->adminAuthLogin->getLoginBlock()->fill($customAdmin);
+ $this->adminAuthLogin->getLoginBlock()->submit();
+
+ // Steps
+ $filter = ['name' => $initintegration->getName()];
+ $this->integrationIndexPage->open();
+ $this->integrationIndexPage->getIntegrationGrid()->searchAndOpen($filter);
+ for ($i = 0; $i < $attempts; $i++) {
+ $this->integrationNewPage->getIntegrationForm()->fill($integration);
+ $this->integrationNewPage->getFormPageActions()->save();
+ }
+
+ // Reload page
+ $this->adminAuthLogin->open();
+ $this->adminAuthLogin->getLoginBlock()->fill($customAdmin);
+ $this->adminAuthLogin->getLoginBlock()->submit();
+ }
+
+ /**
+ * Clean data after running test.
+ *
+ * @return void
+ */
+ public function tearDown()
+ {
+ $this->objectManager->create(
+ \Magento\Config\Test\TestStep\SetupConfigurationStep::class,
+ ['configData' => $this->configData, 'rollback' => true]
+ )->run();
+ }
+}
diff --git a/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingIntegrationTest.xml b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingIntegrationTest.xml
new file mode 100644
index 0000000000000000000000000000000000000000..6efc88d78cd3836f00db79d2c567d3e6e38d1bb1
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingIntegrationTest.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+ -->
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/etc/variations.xsd">
+ <testCase name="Magento\Security\Test\TestCase\LockAdminUserWhenEditingIntegrationTest" summary="Lock admin user after entering incorrect password while editing integration">
+ <variation name="LockAdminUserWhenCreatingNewIntegrationTestVariation1">
+ <data name="configData" xsi:type="string">user_lockout_failures</data>
+ <data name="tag" xsi:type="string">severity:S2</data>
+ <data name="customAdmin/dataset" xsi:type="string">custom_admin_with_default_role</data>
+ <data name="initintegration/dataset" xsi:type="string">default_active</data>
+ <data name="integration/data/name" xsi:type="string">Integration%isolation%</data>
+ <data name="integration/data/current_password" xsi:type="string">incorrect password</data>
+ <data name="attempts" xsi:type="string">4</data>
+ <constraint name="Magento\Security\Test\Constraint\AssertUserIsLocked" />
+ </variation>
+ </testCase>
+</config>
\ No newline at end of file
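Review bot: The docblock on `test()` reads "Run Lock user when creating new integration test.", but the method opens an existing integration through `searchAndOpen($filter)` and edits it, so the summary describes a different scenario from the one the class name and steps cover. It should read `* Runs Lock admin user when editing integration test.`. The trailing `// Reload page` comment is also misleading, because that block submits the login form again with `$customAdmin` rather than reloading anything; `// Log in again so the lockout state can be asserted` says what the lines do. The variation in the accompanying XML hunk carries the same leftover in its name, `LockAdminUserWhenCreatingNewIntegrationTestVariation1`.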
diff --git a/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingRoleTest.php b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingRoleTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..bd7c8cef92d8a320b43615983a95ea724cce0d78
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingRoleTest.php
@@ -0,0 +1,140 @@
+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Security\Test\TestCase;
+
+use Magento\User\Test\Page\Adminhtml\UserRoleEditRole;
+use Magento\User\Test\Page\Adminhtml\UserRoleIndex;
+use Magento\Mtf\TestCase\Injectable;
+use Magento\User\Test\Fixture\User;
+use Magento\User\Test\Fixture\Role;
+use Magento\Backend\Test\Page\AdminAuthLogin;
+
+/**
+ * Preconditions:
+ * 1. Create new admin user and assign it to new role.
+ * 2. Configure 'Maximum Login Failures to Lockout Account'.
+ *
+ * Steps:
+ * 1. Log in to backend as new created admin user.
+ * 2. Navigate to System > User Roles.
+ * 3. Start editing existing User Role.
+ * 4. Fill in all data according to data set (password is incorrect).
+ * 5. Perform action 4 specified number of times.
+ * 6. Admin account is locked.
+ * 7. Perform all assertions.
+ *
+ * @ZephyrId MAGETWO-49037
+ * @Group Security
+ *
+ */
+class LockAdminUserWhenEditingRoleTest extends Injectable
+{
+ /* tags */
+ const MVP = 'yes';
+ const SEVERITY = 'S2';
+ /* end tags */
+
+ /**
+ * UserRoleIndex page.
+ *
+ * @var UserRoleIndex
+ */
+ protected $userRoleIndex;
+
+ /**
+ * UserRoleEditRole page.
+ *
+ * @var UserRoleEditRole
+ */
+ protected $userRoleEditRole;
+
+ /**
+ * Configuration setting.
+ *
+ * @var string
+ */
+ protected $configData;
+
+ /**
+ * Admin login Page.
+ *
+ * @var AdminAuthLogin
+ */
+ protected $adminAuthLogin;
+
+ /**
+ * Setup data for test.
+ *
+ * @param UserRoleIndex $userRoleIndex
+ * @param UserRoleEditRole $userRoleEditRole
+ * @param AdminAuthLogin $adminAuthLogin
+ * @return void
+ */
+ public function __inject(
+ UserRoleIndex $userRoleIndex,
+ UserRoleEditRole $userRoleEditRole,
+ AdminAuthLogin $adminAuthLogin
+ ) {
+ $this->userRoleIndex = $userRoleIndex;
+ $this->userRoleEditRole = $userRoleEditRole;
+ $this->adminAuthLogin = $adminAuthLogin;
+ }
+
+ /**
+ * Runs Lock admin user when editing existing role test.
+ *
+ * @param Role $role
+ * @param Role $initrole
+ * @param int $attempts
+ * @param User $customAdmin
+ * @param string $configData
+ * @return void
+ */
+ public function test(
+ Role $role,
+ Role $initrole,
+ $attempts,
+ User $customAdmin,
+ $configData
+ ) {
+ $this->configData = $configData;
+ // Preconditions
+ $this->objectManager->create(
+ \Magento\Config\Test\TestStep\SetupConfigurationStep::class,
+ ['configData' => $this->configData]
+ )->run();
+ $customAdmin->persist();
+ $initrole->persist();
+ // Steps login to backend with new user
+ $this->adminAuthLogin->open();
+ $this->adminAuthLogin->getLoginBlock()->fill($customAdmin);
+ $this->adminAuthLogin->getLoginBlock()->submit();
+ $filter = ['rolename' => $initrole->getRolename()];
+ $this->userRoleIndex->open();
+ $this->userRoleIndex->getRoleGrid()->searchAndOpen($filter);
+ for ($i = 0; $i < $attempts; $i++) {
+ $this->userRoleEditRole->getRoleFormTabs()->fill($role);
+ $this->userRoleEditRole->getPageActions()->save();
+ }
+ // Reload
+ $this->adminAuthLogin->open();
+ $this->adminAuthLogin->getLoginBlock()->fill($customAdmin);
+ $this->adminAuthLogin->getLoginBlock()->submit();
+ }
+
+ /**
+ * Clean data after running test.
+ *
+ * @return void
+ */
+ public function tearDown()
+ {
+ $this->objectManager->create(
+ \Magento\Config\Test\TestStep\SetupConfigurationStep::class,
+ ['configData' => $this->configData, 'rollback' => true]
+ )->run();
+ }
+}
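Review bot: Nothing in `test()` confirms that the rejected saves left the role untouched, even though the variation fills the form with `role/data/resource_access` set to `All` and a new `rolename` before each save with the wrong current password. The single constraint listed, `AssertUserIsLocked`, covers the lockout side only, so a regression that stores the permission change before the password check fails would presumably still pass here. I would add a constraint that re-reads the `$initrole` record from a separate admin session and checks its name and resources are unchanged, and record the expectation in the class docblock, e.g. `* 6. Role changes are not saved and the admin account is locked.`. The create-user, edit-user and edit-integration tests have the same gap for their respective records.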
diff --git a/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingRoleTest.xml b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingRoleTest.xml
new file mode 100644
index 0000000000000000000000000000000000000000..1d081e5d2dd9af69f90aeed8b787c966238e62de
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingRoleTest.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+ -->
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/etc/variations.xsd">
+ <testCase name="Magento\Security\Test\TestCase\LockAdminUserWhenEditingRoleTest" summary="Lock admin user after entering incorrect password while editing existing role">
+ <variation name="LockAdminUserWhenEditingUserRoleTestVariation1">
+ <data name="configData" xsi:type="string">user_lockout_failures</data>
+ <data name="tag" xsi:type="string">severity:S2</data>
+ <data name="initrole/dataset" xsi:type="string">default</data>
+ <data name="customAdmin/dataset" xsi:type="string">custom_admin_with_default_role</data>
+ <data name="role/data/rolename" xsi:type="string">NewAdminRole%isolation%</data>
+ <data name="role/data/current_password" xsi:type="string">incorrect password</data>
+ <data name="role/data/resource_access" xsi:type="string">All</data>
+ <data name="attempts" xsi:type="string">4</data>
+ <constraint name="Magento\Security\Test\Constraint\AssertUserIsLocked" />
+ </variation>
+ </testCase>
+</config>
diff --git a/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingUserTest.php b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingUserTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..912ebef9e91054236cc6b85b91c3cd8d973b54e9
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingUserTest.php
@@ -0,0 +1,133 @@
+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Security\Test\TestCase;
+
+use Magento\User\Test\Page\Adminhtml\UserEdit;
+use Magento\User\Test\Page\Adminhtml\UserIndex;
+use Magento\Backend\Test\Page\AdminAuthLogin;
+use Magento\User\Test\Fixture\User;
+use Magento\Mtf\TestCase\Injectable;
+
+/**
+ * Preconditions:
+ * 1. Create new admin user.
+ * 2. Configure 'Maximum Login Failures to Lockout Account'.
+ *
+ * Steps:
+ * 1. Log in to backend as new created admin user.
+ * 2. Navigate to System > All Users.
+ * 3. Start editing existing User.
+ * 4. Fill in all data according to data set (password is incorrect).
+ * 5. Perform action 4 specified number of times.
+ * 6. Admin account is locked.
+ * 7. Perform all assertions.
+ *
+ * @ZephyrId MAGETWO-49035
+ */
+class LockAdminUserWhenEditingUserTest extends Injectable
+{
+ /* tags */
+ const MVP = 'yes';
+ const SEVERITY = 'S2';
+ /* end tags */
+
+ /**
+ * User grid page
+ *
+ * @var UserIndex
+ */
+ protected $userIndexPage;
+
+ /**
+ * User edit page
+ *
+ * @var UserEdit
+ */
+ protected $userEditPage;
+
+ /**
+ * @var $configData
+ */
+ protected $configData;
+
+ /**
+ * @var AdminAuthLogin page
+ */
+ protected $adminAuthLogin;
+
+ /**
+ * Setup data for test.
+ * @param UserIndex $userIndex
+ * @param UserEdit $userEdit
+ * @param AdminAuthLogin $adminAuthLogin
+ */
+ public function __inject(
+ UserIndex $userIndex,
+ UserEdit $userEdit,
+ AdminAuthLogin $adminAuthLogin
+ ) {
+ $this->userIndexPage = $userIndex;
+ $this->userEditPage = $userEdit;
+ $this->adminAuthLogin = $adminAuthLogin;
+ }
+
+ /**
+ * Runs Lock admin user when editing existing role test.
+ *
+ * @param User $user
+ * @param int $attempts
+ * @param User $customAdmin
+ * @param string $configData
+ * @return void
+ */
+ public function test(
+ $attempts,
+ User $customAdmin,
+ User $user,
+ $configData
+ ) {
+ $this->configData = $configData;
+
+ // Preconditions
+ $this->objectManager->create(
+ \Magento\Config\Test\TestStep\SetupConfigurationStep::class,
+ ['configData' => $this->configData]
+ )->run();
+ $customAdmin->persist();
+
+ // Steps login to backend with new user
+ $this->adminAuthLogin->open();
+ $this->adminAuthLogin->getLoginBlock()->fill($customAdmin);
+ $this->adminAuthLogin->getLoginBlock()->submit();
+ // Select user to edit.
+ $filter = ['username' => $customAdmin->getUsername()];
+ $this->userIndexPage->open();
+ $this->userIndexPage->getUserGrid()->searchAndOpen($filter);
+ // Edit user with wrong password
+ for ($i = 0; $i < $attempts; $i++) {
+ $this->userEditPage->getUserForm()->fill($user);
+ $this->userEditPage->getPageActions()->save();
+ }
+ // Reload
+ $this->adminAuthLogin->open();
+ $this->adminAuthLogin->getLoginBlock()->fill($customAdmin);
+ $this->adminAuthLogin->getLoginBlock()->submit();
+ }
+
+ /**
+ * Clean data after running test.
+ *
+ * @return void
+ */
+ public function tearDown()
+ {
+ $this->objectManager->create(
+ \Magento\Config\Test\TestStep\SetupConfigurationStep::class,
+ ['configData' => $this->configData, 'rollback' => true]
+ )->run();
+ }
+}
diff --git a/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingUserTest.xml b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingUserTest.xml
new file mode 100644
index 0000000000000000000000000000000000000000..e1ec2f79ce6b5d306e694c9d2ae8e8adea0d3387
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenEditingUserTest.xml
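Review bot: The docblock on `test()` was copied from the role test and no longer matches the method: the summary says "editing existing role test" and the `@param` tags list `$user` first, while the signature order is `$attempts`, `$customAdmin`, `$user`, `$configData`. The summary should read `* Runs Lock admin user when editing existing user test.` and the tags should be reordered to follow the signature. The property docblock `@var $configData` also names the variable instead of a type; the sibling tests use `@var string` with a "Configuration setting." summary. It would help to note in a comment above the `$filter` line that the record being edited is `$customAdmin` itself, since the final login still uses its original credentials and so relies on every save in the loop having been rejected.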
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+ -->
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/etc/variations.xsd">
+ <testCase name="Magento\Security\Test\TestCase\LockAdminUserWhenEditingUserTest" summary="Lock admin user after entering incorrect password while editing existing user">
+ <variation name="LockAdminUserWhenEditingUseruserTestVariation1">
+ <data name="configData" xsi:type="string">user_lockout_failures</data>
+ <data name="tag" xsi:type="string">severity:S2</data>
+ <data name="customAdmin/dataset" xsi:type="string">custom_admin_with_default_role</data>
+ <data name="user/data/username" xsi:type="string">AdminUser%isolation%</data>
+ <data name="user/data/firstname" xsi:type="string">FirstName%isolation%</data>
+ <data name="user/data/lastname" xsi:type="string">LastName%isolation%</data>
+ <data name="user/data/email" xsi:type="string">email%isolation%@example.com</data>
+ <data name="user/data/password" xsi:type="string">123123qq</data>
+ <data name="user/data/password_confirmation" xsi:type="string">123123qq</data>
+ <data name="user/data/current_password" xsi:type="string">incorrect password</data>
+ <data name="attempts" xsi:type="string">4</data>
+ <constraint name="Magento\Security\Test\Constraint\AssertUserIsLocked" />
+ </variation>
+ </testCase>
+</config>
\ No newline at end of file