Manual Unlocking Users?

[Justin Dutoit]

Hi folks. Pl. correct me here, because it looks like in ASP.NET 2.0 you have
to manually unlock users who have gotten their passwords wrong too many
times. Of course this would be impossible in a high volume web app, so would
someone mind explaining how unlock works to me? My old 1.1 apps set a
LockedUntil datetime and checked against that on each attempt.

Tks
JDT

 

[Brian Cryer]

Hi folks. Pl. correct me here, because it looks like in ASP.NET 2.0 you
have to manually unlock users who have gotten their passwords wrong too
many times. Of course this would be impossible in a high volume web app,
so would someone mind explaining how unlock works to me? My old 1.1 apps
set a LockedUntil datetime and checked against that on each attempt.

Just because ASP.NET 2 provides a framework for managing users don't feel
that you have to use it. I persevered with it for a few days before giving
up because it wouldn't quite do what I wanted (and my "framework" from my
old 1.1 apps did just fine).

 

[Cowboy \(Gregory A. Beamer\)]

Are you talking in Membership? If so, yes, it is a manual unlock.

If you want to automate unlock, you can create a utility that examines the
aspnet_membership table for locked accounts and unlocks if they have been
locked for X minutes, etc. You can also do this on hits to the site, but it
is a bit of overhead each time someone hits a page.