Block a Password in Database.

Hi to all. I need your help.

how to block a password in database when a user input continue three times incorrect password in asp .net.

You can add a Boolean/Bit field to the same database table and set the value to true/1 when user enters wrong password 3 times.

Check that field when user logs in and show him the message if his account is blocked.

Hi Manoj,

Try this...

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="Default.aspx.cs" Inherits="._Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Untitled Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    <asp:Label ID="lb1" runat="server" Font-Bold="True" ForeColor="#FF3300"></asp:Label><br />
     <asp:Label ID="Label1" runat="server" Text="Name" Font-Bold="True"
            Width="100px" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>
        <asp:TextBox ID="TextBox_user_name" runat="server" ForeColor="#993300" Width="100px"></asp:TextBox><br />
        <asp:Label ID="Label2" runat="server" Text="Password" Font-Bold="True"
            Width="100px" BackColor="#FFFF66" ForeColor="#FF3300"></asp:Label>
        <asp:TextBox ID="TextBox_password" runat="server" ForeColor="#CC6600"
            TextMode="Password" Width="100px"></asp:TextBox><br />
        <asp:Button ID="btn_login" runat="server" Text="Login" Font-Bold="True"
            BackColor="#CCFF99" onclick="btn_login_Click" /><br />
   
    </div>
    </form>
</body>
</html>



using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
namespace _Default
{
    public partial class _Default : System.Web.UI.Page
    {
        string strConnString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
        SqlCommand com;
        string str;
      

        protected void btn_login_Click(object sender, EventArgs e)
        {
            int i = Login(TextBox_user_name.Text, TextBox_password.Text);
            Session["j"] = Convert.ToInt32(Session["j"]) + i;
            int Res = Convert.ToInt32(Session["j"]);
            if (Convert.ToInt32(Session["j"]) < 3)
            {
               
               
            }
               
            else
            {
                Response.Write("<script>alert('User has been locked');</script>");
                Session.Abandon();
              
            }
        }
        private int Login(String uname, String pwd)
        {
            int Counter = 0;
            SqlConnection con = new SqlConnection(strConnString);
            con.Open();
            str = "Select * from login where Username = '" + TextBox_user_name.Text + "' ";
            com = new SqlCommand(str, con);
            SqlDataReader reader = com.ExecuteReader();
            while (reader.Read())
            {
                string UserName = reader[0].ToString();
                string Password = reader[1].ToString();
                 if ((TextBox_user_name.Text == UserName) && (TextBox_password.Text == Password))
                 {
                 Counter = 0;
                 }
                else
                {
                Counter = 1;
                } 
            }
            return Counter;
        }
    }
}


Thanks