Wonder if someone could spare me a few mins please. I have a live site and some of the site members are being locked out by the Is Locked Out flag being set to true against their particular record. I wasn't even aware of this flag until a couple of days ago (!) and I don't know what's setting this flag from false to true.
I thought that it might be being set after a certain number of login attempts fail but try as I might I can't seem to replicate whatever is setting the flag.
Does anyone have any information on field and what criteria causes it to be set? And can I stop it from setting?
On the UsersMembershipProvider you can add maxInvalidPasswordAttempts="10" or whatever value you want so people won't get locked out so easily. I believe the default is 10.
This default is there so that you are not prone to password guessing attacks.
I was facing this similar issue too. I couldn't find a way to disable it but it the number of attempts is configurable in the web.config in the membership settings. I set the maxInvalidPasswordAttempts to a high value to try and circumvent the situation
Member Is Locked Out
Hi all,
Wonder if someone could spare me a few mins please. I have a live site and some of the site members are being locked out by the Is Locked Out flag being set to true against their particular record. I wasn't even aware of this flag until a couple of days ago (!) and I don't know what's setting this flag from false to true.
I thought that it might be being set after a certain number of login attempts fail but try as I might I can't seem to replicate whatever is setting the flag.
Does anyone have any information on field and what criteria causes it to be set? And can I stop it from setting?
Thanks, Craig
On the
UsersMembershipProvideryou can addmaxInvalidPasswordAttempts="10"or whatever value you want so people won't get locked out so easily. I believe the default is 10.This default is there so that you are not prone to password guessing attacks.
Hi Craig,
I was facing this similar issue too. I couldn't find a way to disable it but it the number of attempts is configurable in the web.config in the membership settings. I set the
maxInvalidPasswordAttemptsto a high value to try and circumvent the situation/B.
Cool, thanks for that I shall give that a whirl
is working on a reply...