lock account after 3 unsuccessful attempt [Resolved]

Posted by Rickeybglr under ASP.NET on 7/17/2012 | Points: 10 | Views : 12764 | Status : [Member] | Replies : 12

Write New Post |

Search Forums | Answered

Resolved Posts |

Un Answered Posts |

Forums Home

Hi,

i am validating the login information from database. i have written the SP for tht. but i want to lock the account for particular time period says(30 min) after giving 3 wrong password. how can i achieve ths.
below is my SP.
CREATEPROCEDURE [dbo].[USP_UserLogin]

@UserName varchar(50),
@Password VARCHAR (80)

AS
BEGIN
BEGIN TRY
DECLARE @name VARCHAR(50)
DECLARE @Pswd VARCHAR(80)
IF EXISTS(SELECT userID from UserInfoTB
WHERE username=@name AND userPswd=@Pswd COLLATE SQL_Latin1_General_CP1_CS_AS)
BEGIN
SELECT '0|Login successfully' AS result
END
ELSE
BEGIN
SELECT '1|Login Fail' AS result
SET @Count=@Count+1
SELECT @Count
END
END TRY
BEGIN CATCH
SELECT '3|Table not found' As result
END CATCH
END

[Resolved]

Reply | Reply with Attachment

Alert Moderator

Responses

Posted by: Dotnetrajanikanth on: 7/17/2012 [Member] Starter | Points: 50

0	I cannot give you the code but i can explain the concept. Create a column for wrong attempt. Create a table for Block_User. If wrongattempt > 3 add new row to the Block_User table. The row should contain the user id and LockedTime. while adding row set Locked Time as currenttime +30, then you can check with the second table and allow the user. if the current time greater than the lockedTime allow the user to login else do not. ____________ www.flickr.com/photos/psdesigner/ Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

I cannot give you the code but i can explain the concept.

Create a column for wrong attempt.

Create a table for Block_User.

If wrongattempt > 3 add new row to the Block_User table.
The row should contain the user id and LockedTime.

while adding row set Locked Time as currenttime +30,

then you can check with the second table and allow the user. if the current time greater than the lockedTime allow the user to login else do not.

____________
www.flickr.com/photos/psdesigner/

Rickeybglr, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: GSM_GSV on: 7/17/2012 [Member] Starter | Points: 25

0	I suggest you to use membership. The account will be locked automatically. But you need to write code for unlocking after particular interval of time. --------------------------------------- Live the life you've dreamed Regards MADHU Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Rickeybglr on: 7/17/2012 [Member] Starter | Points: 25

0	@GSM .. actualy i knw ths but i wanna do tht by coding. anywzz thnks dear @rajnikanth ..thnks i got the idea ll do tht and update ths post asap Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Dotnetrajanikanth on: 7/17/2012 [Member] Starter | Points: 25

0	Rickeybglr, If you are facing any problem regarding this please feel free to update this post. Let me know if it is successful. ____________ www.flickr.com/photos/psdesigner/ Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Rickeybglr on: 7/17/2012 [Member] Starter | Points: 25

0	Rajnikanth, i have followed ur stepss and added some of my logic also.. now i have achieved wat i want to do.. thnks to all.. and specally to rajnikanth.. Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Patel28rajendra on: 7/18/2012 [Member] Starter | Points: 25

0	Hi can you please post your code ? Regards R D Patel Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Rickeybglr on: 7/18/2012 [Member] Starter | Points: 25

0	hI, I am able to block the user.. but not able to activate the users automatically after some time period says (30 min.) can u pls suggest hw can i achieve ths. i am posting my SP here ALTER PROCEDURE [dbo].[USP_UserLogin] ( @UserName varchar(50), @Password VARCHAR (80) ) AS BEGIN BEGIN TRY IF EXISTS(SELECT userID from userRegistrationTB WHERE username=@UserName AND password=@Password COLLATE SQL_Latin1_General_CP1_CS_AS AND isActive=1) BEGIN SELECT '0\|Login successfully' AS result END ELSE BEGIN SELECT '1\|Login Fail' AS result exec USP_BlockUser @username,@password END END TRY BEGIN CATCH SELECT '3\|Table not found' As result END CATCH END -----to block the user----- CREATE PROCEDURE [dbo].[USP_BlockUser] ( @uname nvarchar (30), @pswd nvarchar(30) ) AS BEGIN DECLARE @ID int=0 Declare @tempAttempt int=0 SELECT @tempAttempt= wrongAttempt from userLogin where username=@uname if(@tempAttempt=0) BEGIN update userLogin set wrongAttempt=1 WHERE username=@uname END ELSE IF (@tempAttempt=1) BEGIN update userLogin set wrongAttempt=2 WHERE username=@uname END ELSE IF(@tempAttempt=2) BEGIN update userLogin set wrongAttempt=3 WHERE username=@uname END ELSE BEGIN UPDATE userRegistrationTB SET isActive=0 WHERE username=@uname END SET NOCOUNT ON; END after wrongAttempt counts gets equal to 3 it will set isactive flag if table to 0 Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

hI,

I am able to block the user.. but not able to activate the users automatically after some time period says (30 min.) can u pls suggest hw can i achieve ths.
i am posting my SP here
ALTER PROCEDURE [dbo].[USP_UserLogin]
(
@UserName varchar(50),
@Password VARCHAR (80)
)
AS
BEGIN
BEGIN TRY
IF EXISTS(SELECT userID from userRegistrationTB
WHERE username=@UserName AND password=@Password COLLATE SQL_Latin1_General_CP1_CS_AS AND isActive=1)
BEGIN
SELECT '0|Login successfully' AS result
END
ELSE
BEGIN
SELECT '1|Login Fail' AS result
exec USP_BlockUser @username,@password
END
END TRY
BEGIN CATCH
SELECT '3|Table not found' As result
END CATCH
END

-----to block the user-----
CREATE PROCEDURE [dbo].[USP_BlockUser]
(
@uname nvarchar (30),
@pswd nvarchar(30)
)
AS
BEGIN
DECLARE @ID int=0
Declare @tempAttempt int=0
SELECT @tempAttempt= wrongAttempt from userLogin where username=@uname
if(@tempAttempt=0)
BEGIN
update userLogin set wrongAttempt=1 WHERE username=@uname
END
ELSE IF (@tempAttempt=1)
BEGIN
update userLogin set wrongAttempt=2 WHERE username=@uname
END
ELSE IF(@tempAttempt=2)
BEGIN
update userLogin set wrongAttempt=3 WHERE username=@uname
END
ELSE
BEGIN
UPDATE userRegistrationTB SET isActive=0 WHERE username=@uname
END
SET NOCOUNT ON;
END

after wrongAttempt counts gets equal to 3 it will set isactive flag if table to 0

Rickeybglr, if this helps please login to Mark As Answer. | Alert Moderator

Posted by: Dotnetrajanikanth on: 7/18/2012 [Member] Starter | Points: 25

0	Rickeybglr, Nice code ____________ www.flickr.com/photos/psdesigner/ Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Rickeybglr on: 7/18/2012 [Member] Starter | Points: 25

0	thanks dear.. do u have any idea hw to activate users aftr particulat time period Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Dotnetrajanikanth on: 7/18/2012 [Member] Starter | Points: 25

0	Rickeybglr, Pls give me more details. ____________ www.flickr.com/photos/psdesigner/ Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Dotnetrajanikanth on: 7/18/2012 [Member] Starter | Points: 25

0	Rickeybglr, Better post it as a different post. We can discuss it there. ____________ www.flickr.com/photos/psdesigner/ Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Posted by: Rickeybglr on: 7/18/2012 [Member] Starter | Points: 25

0	i have posted a new post.. http://www.dotnetfunda.com/forums/thread10555-enable-user-after-30-min-when-thy-get-disabled-by-entering-wrong-pass.aspx go thru ths Rickeybglr, if this helps please login to Mark As Answer. \| Alert Moderator

Latest Posts