Click here to Skip to main content
15,867,308 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hi I am a 3rd year college student, we have just moved on to form authentication in asp using c#. Instead of using a database to record usernames & passwords, we are storing them in the web.config file. What I need to know is this, how to record & display the number of failed login attempts.

Will be greatfull for any assistance with this.

liamoj
Posted
Comments
TryAndSucceed 8-Oct-13 18:29pm    
So, if you are storing the name and password, then when the user logs in again, loop through the saved users, if success, then do what you have to otherwise, increase the failed attempt value and store as you are storing user.
♥…ЯҠ…♥ 9-Oct-13 1:04am    
Do you want to log number of failed attempt in web.config? or just to show user with failed count?
liamoj 9-Oct-13 17:48pm    
Show the user
♥…ЯҠ…♥ 10-Oct-13 0:49am    
Then @tanweer solution will do the magic for you...... Try it

1 solution

Hi,

I have a similar code for invalid login attemps, check below code
C#
private static int cntAttemps = 0;
private void LoginUser()
{
    try
    {
        string userEmail = string.IsNullOrEmpty(txtUserEmail.Text) ? null : txtUserEmail.Text;
        string password = string.IsNullOrEmpty(txtPassword.Text) ? null : txtPassword.Text;

        bool success = CheckLogin(userEmail, password);

        if (!success)
        {
           //error message
            lblInvalidmsg.Text = string.Empty;
            InvalidLoginAttemps();
        }
        else
        {
               //success login message
                cntAttemps = 1;
                dvinvalid.Visible = false;
                lblInvalidmsg.Text = string.Empty;
              //may redirect to some page
        }
    }
    catch (Exception ex)
    {

    }
}

private void InvalidLoginAttemps()
{
    try
    {
        dvinvalid.Visible = true;
        cntAttemps++;
        lblInvalidmsg.Text = "Invalid login attemp(s) " + cntAttemps + ", attemps remaining " + Convert.ToInt32(3 - cntAttemps).ToString();
        if (cntAttemps > 3)
        {
            lblInvalidmsg.Text = "Sorry! your account is block now, please contact your administrator.";
           //code to block user
        }
    }
    catch (Exception ex)
    {

    }
}
Here CheckLogin is your login method to compare credentials from web.config will return true if success.
 
Share this answer
 
v3
Comments
liamoj 9-Oct-13 18:10pm    
Hi thanks for taking the time to help me with this, but I do not understand what, CheckLogin or dvinvalid is. this is what the form is made up of.

User Login Form<br />
<br />
User Name: 
<asp:TextBox ID="txtName" runat="server">
<br />
<br />
Password: 
<asp:TextBox ID="txtPassword" runat="server" TextMode="Password">
<br />
<br />
<asp:Button ID="btnSubmit" runat="server" onclick="btnSubmit_Click"
Text="Submit" />
<br />
<br />
<br />
Number of unsuccessful logins: 
<asp:Label ID="lblBadLogin" runat="server">
tanweer 10-Oct-13 0:35am    
Hi, CheckLogin is a Function in which you will compare your user name and password, if matched successfully then return true, and dvinvalid is a panel on the page that contains the Error lable

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900