locked
How to limit access code attemtpts? RRS feed

  • Question

  • User1655654435 posted

    Hi, i have made a form where the already logged in users have to write an additional code in order to proceed (like a two-factor auth but without an external app/generator).

    But currently a user can use as many attempts as possible. The number is an int that they must match.

    How can i make sure they get no more than 5 attempts before being locked out? 

    Monday, August 19, 2019 11:50 AM

All replies

  • User475983607 posted

    How can i make sure they get no more than 5 attempts before being locked out? 

    Write code to save the number of attempts.  Use a table or standard ASP.NET state management; cookie, Session, querystirng, etc.  Then write code to check the number of attempts and return a message to the user if the attempts reach 5.

    Monday, August 19, 2019 1:04 PM
  • User1289604957 posted

    Hi,

    You can use ASP.NET Core <g class="gr_ gr_44 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" id="44" data-gr-id="44">rate limiting</g> middleware.

    https://github.com/stefanprodan/AspNetCoreRateLimit

    Best regards,

    Maher

    Monday, August 19, 2019 6:16 PM
  • User711641945 posted

    Hi bluMarmalande,

    You could set a field named RegisterFailureCount in your User table. You could judge the value whether it is over five or not when you log in.If over five,you could lock the user.If it is not over five and the the user fails to log in,the field's value would plus one and remind user how many times he attempts.

    Best Regards,

    Rena

    Tuesday, August 20, 2019 7:10 AM