0

I have searched for the answer only to find answers about how to unlock a user that is locked in AspNetDb.

Is there a setting I can make in the web.config or anywhere else that will prevent an account from getting locked out after "x" number of FailedPasswordAttemptCount's?

Jon Harding
  • 4,928
  • 13
  • 51
  • 96

1 Answers1

1

As I know there is no setting which prevent an account to be locked if the user exceed MaxInvalidPasswordAttempts during PasswordAttemptWindow period.

SqlMembershipProvider defaults MaxInvalidPasswordAttempts to 5 and PasswordAttemptWindow to 10 minutes.

But you can set MaxInvalidPasswordAttempts to Int32.MaxValue and it will prevent user account to be locked.

<membership defaultProvider="SqlMembershipProvider">
  <providers>
    <add name="SqlMembershipProvider" 
    ... 
    maxInvalidPasswordAttempts="2147483647"/>
  </providers>
</membership>
mt_serg
  • 7,487
  • 4
  • 29
  • 45