How to disable account if user login fails continuously in Asp.Net Core identity

Question

Currently, I'm using Asp.net core 1.1, EF core & Asp.net core Identity in my system. I have a configure below in startup.cs class for the password policy.

Is there a configure to disable account when a user continuously login fails?

services.Configure<IdentityOptions>(options =>
{
    // Password settings
    options.Password.RequireDigit = true;
    options.Password.RequiredLength = 6;
    options.Password.RequireNonAlphanumeric = true;
    options.Password.RequireUppercase = true;
    options.Password.RequireLowercase = true;
}

Answer 1

You can simply do it like this

options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
options.Lockout.MaxFailedAccessAttempts = 5;
options.Lockout.AllowedForNewUsers = true;

For more details see this link

Answer 2

In your account controller, scroll down to public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)

Once there, set shouldLockout to true

var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: true);

How to disable account if user login fails continuously in Asp.Net Core identity

Question

2 answers

solution1
6 ACCPTED 2017-08-30 08:12:38

solution2
2 2017-08-30 08:09:48

How to disable account if user login fails continuously in Asp.Net Core identity

Question

2 answers

solution1 6 ACCPTED 2017-08-30 08:12:38

solution2 2 2017-08-30 08:09:48

solution1
6 ACCPTED 2017-08-30 08:12:38

solution2
2 2017-08-30 08:09:48