ASP.Net Form Security

Discussion in 'ASP .Net' started by Big E, Feb 3, 2004.

  1. Big E

    Big E Guest

    I'm using ASP.Net Form Security. I have a login page and a redirect page
    etc...
    What I want to do is setup some type of anti-dictionary hack code.

    If someone tries to login unsuccessfully 7 times I want to send them a
    custom error page. I'm not sure of the best way to check if they had tried
    to login 7 times. Do I need to store in a database. I can't use session
    variables because I have various apps on various servers. Can I create some
    loop that counts how many times this user has attempted to logon.

    Any tips or articles would be great.

    Thanks.
    Big E, Feb 3, 2004
    #1
    1. Advertising

  2. Increment a counter field for the user record in your database.
    If somebody fails the login for that user x number of times, disable the
    user account and contact the user to notify them that somebody may be trying
    to hack into their account. If everything checks out then enable their
    account again.

    --
    I hope this helps,
    Steve C. Orr, MCSD, MVP
    http://Steve.Orr.net


    "Big E" <> wrote in message
    news:...
    > I'm using ASP.Net Form Security. I have a login page and a redirect page
    > etc...
    > What I want to do is setup some type of anti-dictionary hack code.
    >
    > If someone tries to login unsuccessfully 7 times I want to send them a
    > custom error page. I'm not sure of the best way to check if they had tried
    > to login 7 times. Do I need to store in a database. I can't use session
    > variables because I have various apps on various servers. Can I create

    some
    > loop that counts how many times this user has attempted to logon.
    >
    > Any tips or articles would be great.
    >
    > Thanks.
    >
    >
    Steve C. Orr [MVP, MCSD], Feb 3, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Sumi

    ASP.NET 2.0 Form Security Error

    Sumi, Mar 21, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    422
    S. Justin Gengo
    Mar 21, 2006
  2. Aaron
    Replies:
    1
    Views:
    348
    John C. Bollinger
    Aug 4, 2003
  3. Dinis Cruz

    Asp.Net Security Analyser (new security tool by DDPlus)

    Dinis Cruz, Oct 8, 2003, in forum: ASP .Net Security
    Replies:
    2
    Views:
    136
    Dinis Cruz
    Oct 11, 2003
  4. Michael Randrup
    Replies:
    3
    Views:
    301
    Henning Krause [MVP]
    Mar 27, 2006
  5. Kursat
    Replies:
    1
    Views:
    315
    Dominick Baier
    May 7, 2007
Loading...

Share This Page