Geeks With Blogs

News
Tiago Salgado .NET / SQL Server / IT / etc...

Since we don’t have a direct way to indicate that some user will be locked, the only way I got to do that, was forcing a wrong login multiple times, until reach the maximum attempts defined on “maxInvalidPasswordAttemps” attribute.

When we use ASP.NET Membership, on web.config file you have something like this:

<add name="AspNetSqlMembershipProvider"

type="System.Web.Security.SqlMembershipProvider"

connectionStringName="MyAppConnectionString"

enablePasswordRetrieval="false"

enablePasswordReset="true"

requiresQuestionAndAnswer="false"

requiresUniqueEmail="false"

maxInvalidPasswordAttempts="5"

minRequiredPasswordLength="6"

minRequiredNonalphanumericCharacters="0"

passwordAttemptWindow="10" applicationName="MyAppName" />

 

And the code I use is:

public static bool LockUser(MembershipUser user)
{
    try
    {
        for (int i = 0; i < Membership.MaxInvalidPasswordAttempts; i++)
            Membership.ValidateUser(user.UserName, "thisisandummypasswordonlytolocktheuser");

        return user.IsLockedOut;
    }
    catch (Exception)
    {
        throw;
    }
            
}

Hope it helps.

Posted on Monday, May 2, 2011 2:03 PM | Back to top


Comments on this post: ASP.NET Membership Lock User

# re: ASP.NET Membership Lock User
Requesting Gravatar...
Thanks very good article
Left by İhlas Temizlik Robotu on May 08, 2011 10:47 AM

Your comment:
 (will show your gravatar)


Copyright © Tiago Salgado | Powered by: GeeksWithBlogs.net