connectseekers.com

Wednesday, 8 March 2017

Lock User Account On Three Failed Login Attempts In Asp.Net Using C#

3/08/2017 - By Pranav Singh 0

This article will show you how you can deactivate user account after 3 consecutive failed login attempts in asp.net using c#. This validation will take from sql server database.

So for this article first we will create the user table in sql database.

After this we will create a new application in asp.net and add create a login form.

<table width="100%">
                <tr>
                    <td style="text-align: right;">User Id</td>
                    <td style="text-align: right;">
                        <asp:TextBox ID="txtUSerId" runat="server"></asp:TextBox></td>
                </tr>
                <tr>
                    <td style="text-align: right;">Password</td>
                    <td style="text-align: right;">
                        <asp:TextBox ID="txtPassword" runat="server" TextMode="Password"></asp:TextBox></td>
                </tr>
                <tr>
                    <td style="text-align: center;" colspan="2">
                    
                        <asp:Button ID="Button1" runat="server" Text="Submit" OnClick="Button1_Click" />
                        <br />
                        <asp:Label ID="lblmessage" runat="server" Style="color: #FF3300" Text=""></asp:Label></td>
                </tr>
            </table>

In above code I have created a login page. In this user id and password field is there. Now we will write code on button click.

        protected void Button1_Click(object sender, EventArgs e)
        {
            try
            {
                DataSet ds = new DataSet();

                SqlConnection con = new SqlConnection(@"Data Source=.\SQLEXPRESS;Initial Catalog=Demo;Integrated Security=True");
                string query = "select * from UserLoginDetail Where [UserId]='" + txtUSerId.Text + "' and [Password]='" + txtPassword.Text + "' and [StatusId]=1;";
                con.Open();
                SqlDataAdapter da = new SqlDataAdapter(query, con);
                da.Fill(ds);
                con.Close();
                if (ds.Tables[0].Rows.Count > 0)
                {
                    Session["LoginCount"] = 0;
                    Response.Redirect("SuccessPage.aspx");
                }
                else
                {
                    Session["LoginCount"] = Convert.ToInt32(Session["LoginCount"]) + 1;
                    if (Convert.ToInt32(Session["LoginCount"]) > 3)
                    {
                        lblmessage.Text = DeactivateLoginAccount();
                    }
                    else
                    {
                        lblmessage.Text = "Please enter a valid login detail.";
                    }
                }
            }
            catch
            {

            }
        }
        private string DeactivateLoginAccount()
        {
            DataSet ds = new DataSet();
            SqlConnection con = new SqlConnection(@"Data Source=.\SQLEXPRESS;Initial Catalog=Demo;Integrated Security=True");
            string query = "select * from UserLoginDetail Where [UserId]='" + txtUSerId.Text + "';Update UserLoginDetail set StatusId=0 Where [UserId]='" + txtUSerId.Text + "';";
            con.Open();
            SqlDataAdapter da = new SqlDataAdapter(query, con);
            da.Fill(ds);
            if (ds.Tables[0].Rows.Count > 0)
            {
                return "Your Account is Locaked. Please contact to admin.";
            }
            else
            {
                return "Please enter a valid login detail.";
            }
            con.Close();
        }

In above code I have stored the user failed login attempts into session. And after each fail attempt I am increasing the count. After 3 failed attempts If user enter wrong userid and password ion password. I have called a function named as DeactivateLoginAccount(). So check the detail explanation of this function.

  private string DeactivateLoginAccoint()
        {
            DataSet ds = new DataSet();
            SqlConnection con = new SqlConnection(@"Data Source=.\SQLEXPRESS;Initial Catalog=Demo;Integrated Security=True");
            string query = "select * from UserLoginDetail Where [UserId]='" + txtUSerId.Text + "';Update UserLoginDetail set StatusId=0 Where [UserId]='" + txtUSerId.Text + "';";
            con.Open();
            SqlDataAdapter da = new SqlDataAdapter(query, con);
            da.Fill(ds);
            if (ds.Tables[0].Rows.Count > 0)
            {
                return "Your Account is Locaked. Please contact to admin.";
            }
            else
            {
                return "Enter user id does not belong to application.";
            }
            con.Close();
        }

In above code I have first written query to select the use detail, and then updated. If have not enter the correct user id. On that case then he will we will not get ant value in dataset and we will display the message that user does not belong to application. Otherwise we will display the account lock message.

Now we have done just check the output.



Now check the table detail.


About the Author

We are the group of people who are expertise in different Microsoft technology like Asp.Net,MVC,C#.Net,VB.Net,Windows Application,WPF,jQuery,Javascript,HTML. This blog is designed to share the knowledge.

Get Updates

Subscribe to our e-mail newsletter to receive updates.

Share This Post

0 comments:

Please let me know your view

Free Ebooks


About Us

We are the group of people who are expertise in different Microsoft technology like Asp.Net,MVC,C#.Net,VB.Net,Windows Application,WPF,jQuery,Javascript,HTML. This blog is designed to share the knowledge.

Contact Us

For writing article in this website please send request by your

GMAIL ID: dotnetpools@gmail.com
Email Id : contact@aspdotnet-pools.com

Bugs and Suggestions

As we all know that this website is for sharing knowledge and providing proper solution. So while reading the article is you find any bug or if you have any suggestion please mail us at contact@aspdotnet-pools.com.

Partners


Top jQuery Plugins

Global Classified : Connectseekers.com
© 2014 aspdotnet-pools.com Design By:
back to top