Sign in Register
Go to solution
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Jonathan Roberts 409 posts 1063 karma points
    May 24, 2016 @ 08:56
    Jonathan Roberts
    1

    increase Failed login attempts

    Using Umbraco And Getting Started
    Umbraco 7

    Hi, How can I change the amount of Failed login attempts into the Members area (not CMS Admin)? I am using Umbraco v7.

    Thanks Jon

    Copy Link
  • Dennis Adolfi 1082 posts 6446 karma points MVP 5x c-trib
    May 24, 2016 @ 09:00
    Dennis Adolfi
    0

    Hi Jonathan.

    Use the maxInvalidPasswordAttempts option in the web.config.

    See solution in this thread: https://our.umbraco.org/forum/extending-umbraco-and-using-the-api/77283-change-number-of-failed-login-attempts

    Copy Link
  • Jonathan Roberts 409 posts 1063 karma points
    May 24, 2016 @ 09:01
    Jonathan Roberts
    0

    Hi, I tried that but it didnt update the number in the Members CMS area - it still said 5 and it locked me out after 5.

    Jon

    Copy Link
  • Dennis Adolfi 1082 posts 6446 karma points MVP 5x c-trib
    May 24, 2016 @ 09:09
    Dennis Adolfi
    103

    Did you try the answer in the last post? Apperantly the answer marked as solution did´nt work for Natasha. I tried the last one:

    <add name="UmbracoMembershipProvider" type="Umbraco.Web.Security.Providers.MembersMembershipProvider, Umbraco" minRequiredNonalphanumericCharacters="0" minRequiredPasswordLength="8" useLegacyEncoding="true" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Member" passwordFormat="Hashed" maxInvalidPasswordAttempts="10" />

    And that workes for me, the user can try to login up to 10 times, then he/she gets locked out. See image:

    enter image description here

    And if the member is not locked out and as soon as he/she enters the correct password, the "Faild attempts" gets set to 0.

    Also you wrote:

    it didnt update the number in the Members CMS area

    Do you mean the "Faied password attempts" number? I dont think this number sholud be changed after you edit the maxInvalidPasswordAttempts option, since the number in the Member CMS is the number of times the member already entered the wrong password.

    Also if your member is already locked-out, i dont think he/she will be un-locked just by changing the maxInvalidPasswordAttempts, since he is already locked out.

    Copy Link
  • Jonathan Roberts 409 posts 1063 karma points
    May 24, 2016 @ 09:17
    Jonathan Roberts
    1

    No - you are correct - it was my silly mistake - I updated the name="UsersMembershipProvider" and not the UmbracoMembershipProvider. my apologies. Thanks for your help - it worked a charm,

    Jon

    Copy Link
  • Dennis Adolfi 1082 posts 6446 karma points MVP 5x c-trib
    May 24, 2016 @ 09:19
    Dennis Adolfi
    0

    Awesome Jon, i was kinda suspecting that. I did the same mistake a few days ago. :) Great that it worked out for you!! Have a great day!!

    / Dennis

    Copy Link
Please Sign in or register to post replies

Write your reply to:

Draft