asp.net

Hello Sir,

I have created login page in asp.net and if the user fails to login 3 times,then his account should be locked out.  I am having custom table and custom membership provider for valiating users in place. Can you please tell me how to implement this?.  

Sickandar
sickandarmAsked:
Who is Participating?
 
Rupesh PConnect With a Mentor Commented:
Storing the number of attempts in the viewstate or session won't be a good idea , a user can then exit the application and try again again without restriction.

Storing the value in the table field is a nice idea.
0
 
jjardineCommented:
You might try storing the number of login attempts in the viewstate or session state.  Then everytime they attempt to log in and it failed the count would increase.  WHen it gets to your threshold lock them out in the database by setting a flag in the table.  

You could also just create a failedLoginAttempts field in the table as well.   Every time they fail an attempt, increment the counter.  If they log in successfully, set the failedLoginAttempts back to 0.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.