How To Block The UserName After 3 Invalid Password Attempts

In this post we will learn How To Block The UserName After 3 Invalid Password Attempts.Earlier we have discussed How To Create Login Form In Asp.Net and How To Create Login Form – CSS3.

Here after three invalid login attempts we will show user that your account has been locked, contact system administrator for more information, to accomplish this we are using viewstate.

Design View:

01<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
02 
03<!DOCTYPE html>
04 
05<html xmlns="http://www.w3.org/1999/xhtml">
06<head runat="server">
07<link href="Style.css" rel="stylesheet" />
08<title>How To Create Login Form In Asp.Net</title>
09</head>
10<body>
11<form id="form1" runat="server">
12<div>
13<h1 style="text-align:center">How To Create Login Form In Asp.Net</h1> 
14<div class="main">
15<div class="login">
16<p><asp:TextBox ID="uname" runat="server" type="text"  placeholder="Username"></asp:TextBox></p>
17<p><asp:TextBox ID="upass" runat="server" type="password"  placeholder="Password"></asp:TextBox></p>
18<p class="forgot">
19<label>
20<a href="#">Forgot Password ?</a>
21</label>
22</p>
23<p class="submit">
24<asp:Button runat="server" ID="submir" type="submit" Text="Login" OnClick="submir_Click" />
25</p>
26</div>
27<div class="footer">
28<p>&copy; 2013 All rights reserved by HighTechnology.in
29<a href="http://hightechnology.in" target="_blank">HighTechnology.in</a>
30| Hosting Partner <a href="http://www.grootstech.com" target="_blank">Grootstech Solutions</a>
31</p>
32</div>
33</div>   
34</div>
35</form>
36</body>
37</html>

Code View:

01using System;
02using System.Collections.Generic;
03using System.Linq;
04using System.Web;
05using System.Web.UI;
06using System.Web.UI.WebControls;
07using System.Data.SqlClient;
08using System.Data;
09using System.Configuration;
10public partial class _Default : System.Web.UI.Page
11{
12    protected void Page_Load(object sender, EventArgs e)
13    {
14 
15    }
16    protected void submir_Click(object sender, EventArgs e)
17    {
18        SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["connnn"].ConnectionString);
19        con.Open();
20        SqlCommand cmd = new SqlCommand("select * from users where UserName =@username and Password=@password", con);
21        cmd.Parameters.AddWithValue("@username", uname.Text);
22        cmd.Parameters.AddWithValue("@password", upass.Text);
23        SqlDataAdapter da = new SqlDataAdapter(cmd);
24        DataTable dt = new DataTable();
25        da.Fill(dt);
26        if (dt.Rows.Count > 0)
27        {
28            Response.Redirect("Home.aspx");
29        }
30        else
31        {
32            if (System.Convert.ToInt32(ViewState["Tries"]) > 3)
33                ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('User Blocked, Contact System Administrator For More information.')</script>");
34            else
35            {
36                // Otherwise, increment number of tries.
37                ViewState["Tries"] = System.Convert.ToInt32(ViewState["Tries"]) + 1;
38                if (System.Convert.ToInt32(ViewState["Tries"]) > 3)
39                ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('User Blocked, Contact System Administrator For More information.')</script>");
40            }
41 
42            ClientScript.RegisterStartupScript(Page.GetType(), "validation", "<script language='javascript'>alert('Invalid Username and Password.')</script>");
43        }
44    }
45}