Have you ever seen an unexpected "168-hour lockout" message in your Antigravity dashboard? It's one of those moments that can make your heart skip a beat. The good news is that this security feature exists to protect your account, and there are clear, actionable steps you can take to resolve it. The sections below explain what tends to trigger the lockout, what you can do to get it lifted sooner, and how to bring your account and projects back in full.
What Is Antigravity's 168-Hour Lockout?
Antigravity's 168-hour lockout is an automated security mechanism designed to protect your account when potential security concerns are detected. When your account is locked, you'll be unable to perform critical operations like:
- Creating or modifying API keys and tokens
- Launching new projects
- Making important configuration changes
- Deploying applications
- Purchasing additional credits or modifying resource allocations
The 168 hours—approximately one week—gives you time to investigate what happened and take corrective action. However, you can still view existing projects and access read-only information about your account.
Why Does the Lockout Happen?
Abnormal API Usage Spike
The most common trigger is a sudden surge in API calls or resource consumption. This can happen when:
- A buggy script enters an infinite loop in production
- Misconfigured code repeatedly calls the same endpoint
- Your infrastructure is under a DDoS attack, triggering defensive lockouts
- A third-party integration malfunctions and hammers your API quota
Antigravity's security system detects these patterns as potential account compromise and locks you out to prevent further damage.
Unrecognized Login or Device Access
If Antigravity detects login attempts from unfamiliar locations, multiple simultaneous geographic logins, or new devices accessing your account, it may trigger a lockout as protection against credential theft.
Suspected Terms of Service Violations
Antigravity's terms prohibit:
- Resource exploitation or "aggressive API hammering"
- Interfering with other users' services
- Using the platform for spam, malware, or data harvesting
- Automated scraping or data mining activities
If the system flags suspicious behavior matching these patterns, a lockout is initiated while your account is reviewed.
Unexpected Credit Depletion
Large, unexplained credit charges in a short timeframe—especially if different from your normal spending patterns—can trigger a security review and lockout.
What You Can and Cannot Do During Lockout
What You CAN Do
✓ View existing projects and code (read-only access) ✓ Review your account and billing information ✓ Access Antigravity documentation and help resources ✓ Contact support (and you absolutely should) ✓ Review your account activity logs
What You CANNOT Do
✗ Create new projects ✗ Generate, rotate, or update API keys ✗ Deploy applications or push updates ✗ Purchase additional credits ✗ Modify environment variables or secrets ✗ Transfer project ownership or modify permissions
How to Get Your Lockout Lifted Faster
Step 1: Investigate What Triggered It
Start by examining your Antigravity dashboard, specifically the Account & Security section:
- When did the lockout occur? Note the exact date and time
- Check your usage stats – Was there an unusual spike in API calls or credit consumption?
- Review login activity – Do you see any suspicious access from unfamiliar locations or devices?
If you have the Antigravity CLI installed, you can pull detailed activity logs:
# Retrieve account activity logs in JSON format
antigravity account logs --limit=100 --format=json --since="2026-03-29"
# Check for any errors or warnings
antigravity account logs --filter=error,warningLook for patterns: repeated failed requests, calls to endpoints you don't recognize, or timestamps that don't match your activity.
Step 2: Identify and Fix the Root Cause
Once you've identified what happened, take corrective action:
If it's a code issue:
- Review recent deployments for infinite loops, missing error handling, or unintended recursive calls
- Test the problematic code in a local environment
- Check for external API integrations that might be misconfigured
If it's an access issue:
- Change your password immediately
- Review connected devices and revoke any you don't recognize
- Check if API keys have been exposed in version control or logs
If it's a quota issue:
- Review your spending patterns
- Set lower credit limits per project
- Implement API rate limiting in your code
Step 3: Contact Antigravity Support
This step is crucial. Reaching out to support can cut your lockout time from 168 hours down to 24-48 hours. Send an email to Antigravity's support team with:
Subject: "Account Lockout Resolution Request - [Your Account Name/Email]"
Body should include:
Hello Antigravity Support,
My account was locked on [date and time]. I have investigated the cause
and identified the following:
Root Cause: [brief explanation]
Actions Taken: [what you've done to fix it]
Prevention Plan: [how you'll prevent this in the future]
I request a review of my account and would appreciate any additional
security recommendations.
Thank you,
[Your Name]
[Your Account Email]
Support typically responds within 24-48 hours. Be honest and thorough—transparency helps them expedite your case.
Step 4: File an Appeal If Necessary
If you believe the lockout was triggered by a false positive, you have the right to appeal:
Subject: Appeal - Account Lockout Review Request
Dear Antigravity Support,
I am writing to formally appeal the 168-hour account lockout applied to
my account on [date/time].
After thorough investigation, I have determined:
- The spike in usage was due to [legitimate explanation]
- I have since [taken corrective action]
- I have no history of policy violations
I respectfully request a manual review of this decision.
Sincerely,
[Your Name]
Appeals are reviewed within 3-5 business days. While waiting, Antigravity may grant temporary access restrictions relief.
Recovering Your Account After Lockout Release
Step 1: Secure Your Account Immediately
Once the lockout is lifted, your security is the priority:
1. Change Your Password
- Use a strong, unique password (mix of uppercase, lowercase, numbers, symbols)
- Don't reuse passwords from other accounts
2. Enable Two-Factor Authentication (if not already enabled)
antigravity account enable-2fa3. Regenerate All API Keys
- Delete old keys
- Generate new keys with a clear naming scheme
- Update your environment variables
4. Audit Connected Devices
- Review your login history
- Revoke access for unrecognized devices
- Consider setting up IP whitelisting if available
Step 2: Verify Your Projects Are Functioning
Test each project to ensure nothing was affected during the lockout:
# List all your projects
antigravity projects list
# Check the status of a specific project
antigravity project status --project-id=YOUR_PROJECT_ID
# Review recent logs for errors
antigravity logs --project-id=YOUR_PROJECT_ID --last=50 --level=errorIf you see "Invalid API Key" errors, update your environment variables with your newly generated keys:
# Update environment variable
export ANTIGRAVITY_API_KEY="YOUR_NEW_API_KEY"
# Verify the connection
antigravity auth testStep 3: Resume Pending Deployments
If you had deployments queued during the lockout, deploy them now:
# Deploy your latest code
antigravity deploy --project-id=YOUR_PROJECT_ID --verbose
# Monitor deployment progress
antigravity deploy logs --project-id=YOUR_PROJECT_ID --followMonitor the deployment logs carefully. If you see rate-limiting errors, you may need to implement exponential backoff in your code.
Preventing Future Lockouts
Monitor Your API Usage Actively
Set up regular usage reviews. Most Antigravity accounts show usage patterns that should be stable month-to-month. Deviation is a warning sign.
Best practices:
- Set budget alerts at 50%, 75%, and 90% of your monthly quota
- Implement API request logging in your application
- Create a dashboard that tracks API calls by endpoint
- Test load under realistic conditions before production deployment
Implement Proper Code Review Processes
Before any production deployment, verify:
- No infinite loops – Ensure all loops have exit conditions
- Proper error handling – Catch and log exceptions before they cascade
- Rate limiting – Throttle API calls appropriately
- Resource limits – Set timeouts on all API calls
// Good: With rate limiting and timeout
async function fetchDataSafely(apiKey, endpoint) {
const controller = new AbortController();
const timeout = setTimeout(() => controller.abort(), 5000); // 5 second timeout
try {
const response = await fetch(endpoint, {
headers: { Authorization: `Bearer ${apiKey}` },
signal: controller.signal
});
return response.json();
} catch (error) {
console.error('API call failed:', error);
return null;
} finally {
clearTimeout(timeout);
}
}Manage Credit Quotas Per Project
Set spending limits at the project level, not just account-wide. This prevents a single runaway project from consuming your entire monthly budget:
# Set a credit limit for a specific project
antigravity project set-quota --project-id=YOUR_PROJECT_ID --monthly-limit=100For more details on quota management, check out our guide on credit and quota troubleshooting.
Key Takeaways
Antigravity's lockout system protects your account and your work. If it happens to you:
- Stay calm – It's a security feature, not a permanent ban
- Investigate thoroughly – Look at usage logs and activity history
- Contact support – Don't wait the full 168 hours
- Fix the root cause – Whether it's code, access, or usage patterns
- Strengthen security – Regenerate keys, enable 2FA, monitor going forward
By following these steps, most lockouts are resolved within 2 days, and your account is stronger for it. If you need additional help troubleshooting, our setup errors FAQ covers related scenarios in depth.
Remember: Antigravity's support team wants to help you succeed. Reach out whenever you're stuck—that's what they're there for.
Further Reading
To deepen your understanding of API security and account protection, check out these resources: