一次或多次输入错误的密码，然后在登录页面中输入密码，然后锁定密码，然后重新找回密码 [英] one or more time wrong password enter in login page then lock the password and then how to retify it

问题描述

一次或多次输入错误的密码，然后在登录页面中锁定密码，然后重新进行密码

one or more time wrong password enter in login page then lock the password and then how to retify it

推荐答案

这取决于您处理密码输入的方​​式，以及您正在编写哪种应用程序.如果这是一个网站，那么我希望您使用的是成员资格，这意味着需要在该框架内进行处理.我说您已经为Windows应用程序开发了自己的应用程序，那么它需要以不同的方式进行处理.

不过，基本原理很简单，类似于丢失密码的处理:
计算密码错误"条目.
当他尝试输入密码时，请检查该计数:如果超过您的限制，则拒绝输入并显示已阻止"消息.
如果不是，请检查密码-如果有效，则将计数清零.
如果不是，则将计数增加一.如果现在已达到您的限制，请向用户的电子邮件发送一封电子邮件，其中包含用于重置密码的链接.然后拒绝带有上述消息的条目.

某些系统可能需要管理员重置密码-这取决于您的安全协议.

通常给人们三次机会是正常的-一击而你的出局有点过分苛刻！

It depends on how you handle your password entry, and what kind of application you are writing. If this is a web site, then I would expect you to be using Membership, which means it needs to be handled within that framework. I you have rolled your own for a windows app say, then it would need to be handled in a different manner.

The basic principle is simple though, and similar to lost password handling:
Count the "bad password" entries.
When he tries to enter a password, check the count: if it exceeds your limit then refuse entry with a "blocked" message.
If it doesn''t, then check the password - if it is valid, zero the count.
If it isn''t increase the count by one. If it now reached your limit, then send an email to the users email, with a link to follow to reset the password. Then refuse entry with the message as above.

Some systems may require a supervisor to reset the password - it depends on your security protocols.

It is normal to give people three chances though - one strike and your out is a bit draconian!

这篇关于一次或多次输入错误的密码，然后在登录页面中输入密码，然后锁定密码，然后重新找回密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！