[Last Call] Learn how to a build a cloud-first strategyRegister Now



Posted on 2008-11-17
Medium Priority
Last Modified: 2013-12-17
Hello Sir,

I have created login page in asp.net and if the user fails to login 3 times,then his account should be locked out.  I am having custom table and custom membership provider for valiating users in place. Can you please tell me how to implement this?.  

Question by:sickandarm
LVL 14

Expert Comment

ID: 22974970
You might try storing the number of login attempts in the viewstate or session state.  Then everytime they attempt to log in and it failed the count would increase.  WHen it gets to your threshold lock them out in the database by setting a flag in the table.  

You could also just create a failedLoginAttempts field in the table as well.   Every time they fail an attempt, increment the counter.  If they log in successfully, set the failedLoginAttempts back to 0.

Accepted Solution

Rupesh P earned 1500 total points
ID: 22983568
Storing the number of attempts in the viewstate or session won't be a good idea , a user can then exit the application and try again again without restriction.

Storing the value in the table field is a nice idea.

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
Simulator games are perfect for generating sample realistic data streams, especially for learning data analysis. It is even useful for demoing offerings such as Azure stream analytics, PowerBI etc.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses
Course of the Month17 days, 18 hours left to enroll

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question