Blocking users who fail to login after 3 attempts

Blocking users who fail to login after3 attempts


(1)      We have now a new business rule which require that users who fail to login into the application after three attempt must be blocked. This is important to avoid fraud, once blocked the individual concerned must give convincing reasons to the administrator why there were blocked. I know very well that Ms Access is weak in this area, is there any VBA code that can help?
The required code should have also a way of unblocking staff by the system admin.
Hankwembo Christopher,FCCA,FZICA,CIA,MAAT,B.A.ScDirectorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ste5anSenior DeveloperCommented:
hmm, why do they have to login?

You should control this by design. Split your database in a UI front-end on the client and a data back-end on the server. Control the access to the back-end database by setting the appropriate NTFS permissions on the containing folder according to your business rules. Thus create a security group for your application users and add the users.

Then users can "SSO" by simply authenticating with their Windows credentials.
Hankwembo Christopher,FCCA,FZICA,CIA,MAAT,B.A.ScDirectorAuthor Commented:
We have a proper logon form, this form have the code behind it :

(1) This form controls who goes in the application FE , for sure we have the BE on the server and it is encrypted with a password
(2) The code behind it controls the login system
(3) The same form provides the login details to another form where users can change their passwords  and also a link to another form that controls the user rights addition or revoking


ste5anSenior DeveloperCommented:
The code behind it controls the login system

I don't doubt that. But it is imho not necessary. Cause users are already logged on into Windows. Just use this as SSO.

Controlling different user rights is then bound to the Windows account name:

Option Compare Database
Option Explicit

Private Declare Function GetUserNameA Lib "AdvApi32" (ByVal lpBuffer As String, nSize As Long) As Long

Public Function GetUserName() As String

  Const BUFFER_SIZE As Long = 100

  Dim Buffer As String
  Dim Result As Long
  Dim Size As Long

  Buffer = String(BUFFER_SIZE + 1, 0)
  Size = BUFFER_SIZE + 1
  Result = GetUserNameA(Buffer, Size)
  If Result <> 0 Then
    GetUserName = Left(Buffer, Size - 1)
  End If

End Function

Open in new window

Dale FyeOwner, Developing Solutions LLCCommented:
Assuming you have a form with userid and password, and a "login" command button, then something like the following would prevent them from logging in:
Private Sub cmd_Login_Click

    Static intCount as integer
    Dim strCriteria as string
    Dim strPassword  as String

    intCount = intCount + 1
    strCriteria = "[UserID] = '" & me.txt_UserID & "'"
    strPassword = NZ(DLookup("Password", "tblEmployees", strCriteria), "None")

    if me.txt_Password = strPassword Then
        'do something here open main form or enable the button that takes you to some other form
    Elseif intCount >= 3 then
        msgbox "You have failed to login properly three times!"
    End If

End Sub

Open in new window


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ste5anSenior DeveloperCommented:
Never store passwords!

When you need to store credentials, then store a salted hash of the password instead.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Access

From novice to tech pro — start learning today.