I am creating a new application..I created a login page successfully..Now I need to modify the login page ..Only 3 attempts only allowed for a user ..If the user wrongly enters the password more than 3 times(within 5 min) his account must be blocked..And error message must be shown as You cant access your page.
I have login page, users enter their username and password ... I want when users enter their password wrong after 3 time they can't enter password until 24 hours after that they can try it again, How i can do it?
Language-Asp.net(c#) 2008 Sql Server 2005 well i designed a simple login form which checks the user and password with sql server but now i want to make it a little bit more secured basically i want if a user attempts wrong password with more then 3 /5 times. his id or username should be locked(which i will be running a update procedure) or he must be redirect to denied.htm and one more thing he should be able to get only n only 3/5 attempts whether he opens firefox browser,internet explorer ,safari,google chrome or any other browser
I have developed an application in ASP.NET 3.5 which utilizes the Membership and Roles Providers and Forms Authentication to manage user access and profiles.
There are various area's of this application that are only to be used by an admin users whom login using their email and password and the rest of the users log in using their telephone number and password via their iPhone.
For simplicities sake, I would like to have two different login pages, one that is formatted for the iPhone and performs the correct validation for users adding a telephone number and the other for the application administrators.
I want to redirect the user to their respective login page based on which folder they are attempting to access. For example say I have an application structure like this
I'm creating a login page. I want to limit the number of login attempts, say not more than 5, in case of wrong.I want to do it without using the asp:loghin controls and the membership.How can restrict it??
I have a new server that I am attempting to deply my very first asp.net website on. I have installed SQL 2008 r2 and loaded my DB on it. I am able to access the server/DB through Visual Stuidio. At least I know i can call it from the webserver to my local PC.
For some reason I just cant get my we.config's connection strong right. It might even be the <provider> info that I have wrong. I am just too inexperienced to know for sure. My Web.Config is very short so I will post all of it here.
-- Code is posted at the end --
How do I modify my local project to use my webservers DB instead of the standard SQL Express DB? The only connection string
Machine.Config that points to the sqlexpress database. Again I lack the experience to know how to do this. I am using Visual Studio 2010 and SQL Server 2008 r2 on my local pc.
user phoned me and said he received an error when attempting to login stating that his account had been locked. I had to unlock the user account today manually through the user interface. Several hours later I had to do it again. Afterwards, when I looked at the aspnet_Membership table it showed NO failed login attempts. LastLockout date for that particular user was set to min date. FailedPasswardAttemptCount was zero. FailedPasswordAttemptWindowStart was min date. I then proceeded to fail logging with the users account name.
Iam very new to this forums as well as ASP dot Net...i was succesful to write this code in 3 to 4 ways but im not getting using the below method.
here it goes...
Task Name : Disable User Name after 3 invalid Password Attempts using "SESSIONS" & "VIEW STATE" with SQL Server as Database i want code in "C#"
In Detail :
When i Enter a User name and Password correctly and click Login it will Re-Direct to Destination Page.
But when i enter same User Name but invalid password 3 times then the user name should be blocked (After The User Name has been blocked the user will send an email to Admin that my user name has been blocked so Reset etc etc and the Admin will Reset The new Password)
Here Create the User Name & Password In SQL Table Directly. As We give the user name & password to users...also create another column in Table for an integer so that when it hits to 3 it should block the user name and also another column for status.
For Counting the values till 3 donot use static integers..instead use SESSIONS also use VIEWSTATE
I have a C# custom ASP.Net MembershipProvider. When the user attempts to navigate to another part of the site after IIS is restarted, it doesn't navigate to the login page to collect credentials, but instead attempts to authenticate with empty credentials.
what I have to do to identify that the new authentication needs to take place and that new creds need to be gathered?
I have a complementary custom IHttpModule implementation that allows me to intercept events like BeginRequest and AuthenticateRequest, if that helps.
This is really a couple of questions about preventing unauthorized attempts to access a specific file type. Here go the questions:How do I prevent users from directly requesting a type of file? Do I write an HTTP handler?After preventing a direct download, can my app still explicitly serve that file type? How?
My workstation does not have Internet access, but it uses a DNS server on the LAN. Every time I start any ASP.NET application from Visual Studio with either F5 or Ctrl-F5, the workstation (I don't know whether it's Visual Studio or Webdev.Webserver.exe) asks the DNS server for the IP address of "time.windows.com". The application is not started until the LAN-only DNS server returns an error, which results in a 10-second delay, during which the Internet Explorer is started, but displays a white background. Is there any way to prevent these connection attempts?
After reading a book I brought on ASP.net I fould the login controls to be very nice.I have set it up in my application so that customers can login using the standaard login controls and things were going smooth.But in my schema for my application I also have a table for customers (firstName, LastName, DOB, etc).And of course the customersID is used as a foreign key to tables such as Orders, Addresses (Home, Work, Postal).
The thing is how to i associate an asp.net login to a customer name in my table so that the CustomerID can be used through the application by knowing who is logged in.
want to use ligh box effect like i have login control and i want to show login control in ligh box effect so its like if i open on login link login control wil show and same time we can control click anywhere in page ??
We have created a windows application which is distributed amongst our clients. The application uses SQL Server 2008 as the back end and each client uses their own database on their own server. The databases are all exactly the same but each clients data is specific only to them.
We would like to offer our clients the ability to log-in to our website which would then login to their own database so that when they are out in the field they can perform similar tasks to what they can do with the windows app.Each of the clients databases has a user table containing their login details, permissions etc.
Our server is running on IIS and has SQL Server 2008 installed but it only contains our data and nothing of the clients.How should we go about this?
What I mean is do we need to make each client have an additional login to our main server which would then hold each clients individual connection strings etc which would then be used to connect to there specific database and then they would need to login again?? Seems like a nightmare for the user.
I've a Gmail account, assume that email@example.com. Now I want to login (as admin) in my website through this account. I know I can use OpenID etc. for that purpose but I want to limit it for just me only. Can I do this? I don't let anyone else to know which service I used to login and what is my address and etc. (Note: My website contains just one and only one login form, for just me, only!)