Re: MembershipProvider limit no effect.
- From: "ad" <flying@xxxxxxxxxxxxxxx>
- Date: Mon, 4 Dec 2006 03:42:30 +0800
Dose we need implement these features in my custom Membership provider or
just set these feature in web.config?
"Juan T. Llibre" <nomailreplies@xxxxxxxxxxx> ¼¶¼g©ó¶l¥ó·s»D:%23kHZbPsFHHA.5104@xxxxxxxxxxxxxxxxxxxxxxx
Typo...
Maybe 10 minutes is too long for the MaxInvalidPasswordAttempts property
?
Should have been :
Maybe 10 minutes is too long for the passwordAttemptWindow property ?
Sorry...
Try :
passwordAttemptWindow="2"
Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"Juan T. Llibre" <nomailreplies@xxxxxxxxxxx> wrote in message
news:ur5vFNsFHHA.3468@xxxxxxxxxxxxxxxxxxxxxxx
Maybe 10 minutes is too long for the MaxInvalidPasswordAttempts property
?
The MaxInvalidPasswordAttempts property works in conjunction with the
PasswordAttemptWindow
property to guard against an unwanted source using repeated attempts to
guess the password
or password answer of a membership user.
If the number of invalid passwords or password answers entered for a
membership user is greater
than or equal to the value of the MaxInvalidPasswordAttempts property
within the number of minutes
specified by the PasswordAttemptWindow property, then the user is locked
out of the Web site by
setting the IsLockedOut property to true until the user is unlocked by a
call to the UnlockUser method.
Try :
passwordAttemptWindow="2"
Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"Jon Paal" <Jon[ nospam ]Paal @ everywhere dot com> wrote in message
news:eH$L$3pFHHA.1816@xxxxxxxxxxxxxxxxxxxxxxx
<membership>
<providers>
<remove name="AspNetSqlMembershipProvider" />
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web,
Version=2.0.0.0, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="MyConnectionstring"
minRequiredPasswordLength="4"
minRequiredNonalphanumericCharacters="0"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="/"
requiresUniqueEmail="true"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
passwordAttemptWindow="10"
passwordStrengthRegularExpression="" />
</providers>
</membership>
"ad" <flying@xxxxxxxxxxxxxxx> wrote in message
news:uxoz2gfFHHA.3508@xxxxxxxxxxxxxxxxxxxxxxx
I have set some limit of MembershipProvider in web.config.
<add name="MyMembershipProvider" type="MyMembershipProvider"
MaxInvalidPasswordAttempts="3"
MinRequiredPasswordLength="6" />
But it no effect when valid user and change password.
How can I do?
.
- Follow-Ups:
- Re: MembershipProvider limit no effect.
- From: Juan T. Llibre
- Re: MembershipProvider limit no effect.
- References:
- MembershipProvider limit no effect.
- From: ad
- Re: MembershipProvider limit no effect.
- From: Juan T. Llibre
- Re: MembershipProvider limit no effect.
- From: Juan T. Llibre
- MembershipProvider limit no effect.
- Prev by Date: Re: Sticky Posts in GridView
- Next by Date: Re: Sending large files from one app to other
- Previous by thread: Re: MembershipProvider limit no effect.
- Next by thread: Re: MembershipProvider limit no effect.
- Index(es):
Relevant Pages
|
