Asp.Net c# web page refresh causes invalid login attempt
Posted on 2008-10-23
I am currently working on an ASP.NET c# web application.
I am using the ASP.NET website administration tool for my security.
At this time i do not have any custom HttpModules.
Everything seems to work except after i have authenticated a user and logged in, if that user refreshes his/her page a number of times the account is automatically locked out.
For now i have been going into the aspnet_Membership table to set the value for IsLockedOut to False
and the FailedPasswordAttemptCount to 0
Can somebody tell what is causing this and how to differentiate between a legitimate failed login attempt and when a user refreshes the web page?