passwordAttemptWindow is not being used in web.config.
Hi everyone,
I am using lock out functionality in my site and everything is working great.
Umbraco is taking maxInvalidPasswordAttempts into consideration, however the field umbracoMemberFailedPasswordAttempts is not being reset in accordance to passwordAttemptWindow.
Is this a bug?
Should I implement my own process to reset the field? (Seems ugly).
passwordAttemptWindow is not being used in web.config.
Hi everyone,
I am using lock out functionality in my site and everything is working great. Umbraco is taking maxInvalidPasswordAttempts into consideration, however the field umbracoMemberFailedPasswordAttempts is not being reset in accordance to passwordAttemptWindow.
Is this a bug? Should I implement my own process to reset the field? (Seems ugly).
Thanks!
Hey - did you get an answer or solution to this?
I'm having exactly the same problem on 7.4
maxInvalidPasswordAttempts works as expected, invoking a noConsole change in the DB for the user concerned
But
passwordAttemptWindow seems to only control the attempt window without any reset after the time period elapses.
I'm stuck.
Neil
is working on a reply...