登录-仅允许3次尝试 [英] Login - Allow only 3 attempts
问题描述
我正在创建一个新应用程序..我已成功创建了登录页面..现在我需要修改登录页面..仅允许用户进行3次尝试..如果用户错误地输入了3次以上密码(在5分钟之内)他的帐户必须被阻止.并且您必须无法访问该页面时,错误消息才会显示..请分享您的想法...
I am creating a new application..I created a login page successfully..Now I need to modify the login page ..Only 3 attempts only allowed for a user ..If the user wrongly enters the password more than 3 times(within 5 min) his account must be blocked..And error message must be shown as You cant access your page ..Please share your ideas...
推荐答案
使用MembershipProvider,在web.config中的system.web中,您可以配置尝试次数和超时次数.根据您的要求设置maxInvalidPasswordAttempts ="3"和passwordAttemptWindow ="5".
use a MembershipProvider and in your web.config, in system.web you can configure number of attempts and timeouts. Set maxInvalidPasswordAttempts="3" and passwordAttemptWindow="5" for your requirements.
<membership defaultProvider="MyMembershipProvider">
<providers>
<clear/>
<add name="MyMembershipProvider"
type="MyMembershipProvider"
autogenerateschema="true"
connectionStringName="MyConnectionString"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="false"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="3"
minRequiredPasswordLength="8"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="5"
passwordStrengthRegularExpression=""
applicationName="/" />
</providers>
</membership>
这将需要一些配置,但是如果配置正确(甚至使用角色提供者),则默认的asp.net登录控件可以为您处理几乎所有内容,甚至包括PasswordRecovery和CreateUserWizard.MembershipProvider将自动生成所有必需的表以供用户注册.
This will require some configuration, but when configured properly (maybe even with a roleprovider) the default asp.net Login Controls can handle almost everything for you, even a PasswordRecovery and CreateUserWizard. The MembershipProvider will generate all required tables for user registration automatically.
数据库可以是mdb文件,ms sqlserver或mysql数据库.
The database can be a mdb file, ms sqlserver or mysql database.
这篇关于登录-仅允许3次尝试的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!