7 votes

Lockout Membership Provider

Updated to support Umbraco 7 - For Umbraco 7 use version 2.0

This is an extension to the default UsersMembershipProvider which adds lockout functionality.

This will help to reduce the chance of a brute force attack on the backend login area suceeding. I've blogged abouit this if you are interested.

http://www.gibedigital.com/blog/preventing-umbraco-brute-force-cracking

This will lock a user out of the backend if they enter the incorrect password a specified number of times within a specified window. The user will be able to login when then window has expired.

You can set these values on the UsersMembershipProvider in the web.config. By default they're set to 5 attempts within 10 minutes. 

Screenshots

 Download package
version 2.0

Project owner

Steve Temple

Steve Temple

Steve has 226 karma points

Project Compatibility

This project is compatible with the following versions as reported by community members who have downloaded this package:
Untested or doesn't work on Umbraco as a Service
7.5.x (untested)
7.4.x (untested)
7.3.x (0%)
7.2.x (100%)
7.1.x (100%)
7.0.x (100%)
6.1.x (100%)
6.0.x (100%)

You must login before you can report on package compatibility.

Project Information

  • Project owner: Steve Temple
  • Created: 12/06/2013
  • Current version 2.0
  • License MIT
  • Downloads: 1488

External resources

Our.umbraco.org is the community mothership for Umbraco, the open source asp.net cms. With a friendly forum for all your questions, a comprehensive documentation and a ton of packages from the community. This site is running Umbraco version 7.5.2