Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

password protected 1

Status
Not open for further replies.
mccoy

mccoy

Programmer
Joined
Mar 1, 2001
Messages
2
Location
US
hey guys happy new year! I need some help. I've created a page that is password protected and it's working fine...On the 85th day after a user has registered, I want to show them a message that their password will expire in x-days, and give them an option of hitting on a button and going to an update page...Can someone please direct me to a code or give me some guidelines...anything will be appreciated

NB. One more thing, I also need to log my users out after 3 failed attempts to log in and show a message....

 
Sort by date Sort by votes

1) password time-out:

in the database, add a field with a date inserted. When the user changes the password, update the field to the current date. Everytime when the user logs in, check to match the difference between the date in the database and the current date while signing in.


2) 3 wrong pw lock-out:

create a session object, somthing like session("errCount") or somthing. on the verification page, you have the if/else statement and if the user has the correct user id and pwd, than log him in, if he doesn't, send him back to the login page. Well, within the "else" statement, have another one. Say if session("errCount") => 3 Then and have it send them to a "lock-out" page. Else session("errCount") = session("errCount") + 1. Now what if they sign in but back out, their session("errCount") is still holding the number unless you used a session.abandon. So, upon successfully logging into the site, set session("errCount") back to 0 (zero). additionally, what if the session times out but you want it locked out permanently until the administrator (you) unlocks their account? you can add a yes/no field in the database and upon the 3rd bad attempt, set the lockout (yes/no) field to true. Run a check for that also on the login verification page. If rs.lockout = true then send to "lock-out" page, else if session("errCount") => 3 Then send to "lock-out" page, else session("errCount") = session("errCount") + 1, response.redirect("originalLoginPage.asp")


Hope that helps. -Ovatvvon :-Q
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Swi
  • Locked
  • Question Question
Password Saving
Replies
3
Views
380
ChrisHirst
ChrisHirst
EricBCA
  • Locked
  • Question Question
Is it possible for ASP to connect to SQL Server via ODBC without a password
Replies
1
Views
291
ChrisHirst
ChrisHirst
jslmvl
  • Locked
  • Question Question
Protected content in a web page
Replies
5
Views
348
jslmvl
jslmvl
AzizKamal
  • Locked
  • Question Question
connect to protected excel workbook
Replies
7
Views
458
AzizKamal
AzizKamal
fmrock
  • Locked
  • Question Question
Password Encryption + change every 90 Days
Replies
5
Views
397
vicvirk
vicvirk

Part and Inventory Search

Sponsor

Back
Top