ActiveDirectoryMembershipProvider.MaxInvalidPasswordAttempts Property
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Gets the number of failed answer attempts a user is allowed for the password-reset question.
public:
virtual property int MaxInvalidPasswordAttempts { int get(); };
public override int MaxInvalidPasswordAttempts { get; }
member this.MaxInvalidPasswordAttempts : int
Public Overrides ReadOnly Property MaxInvalidPasswordAttempts As Integer
Property Value
The number of failed password answer attempts a user is allowed before the account is locked. The default is 5
.
Exceptions
An attempt to access the MaxInvalidPasswordAttempts property was made before the ActiveDirectoryMembershipProvider instance was initialized.
Examples
The following code example shows a Web.config entry that configures an ActiveDirectoryMembershipProvider instance to lock out users who make three failed attempts to enter the password answer in a 10-minute time window. If the user is locked out, no further attempts to answer the password question may be made for 15 minutes.
<configuration>
<connectionStrings>
<add name="ADService" connectionString="LDAP://ldapServer/" />
</connectionStrings>
<system.web>
<membership defaultProvider="AspNetActiveDirectoryMembershipProvider">
<providers>
<add name="AspNetActiveDirectoryMembershipProvider"
type="System.Web.Security.ActiveDirectoryMembershipProvider,
System.Web, Version=2.0.3600, Culture=neutral,
PublicKeyToken=b03f5f7f11d50a3a"
maxInvalidPasswordAttempts="3"
passwordAttemptWindow="10"
passwordAnswerAttemptLockoutDuration="15" />
</providers>
</membership>
</system.web>
</configuration>
Remarks
When the EnablePasswordReset property is true
, the user must answer the password question to reset their password. The user is allowed a limited number of answer attempts within the time window established by the PasswordAttemptWindow property. If the number of password answer attempts is greater than or equal to the value stored in the MaxInvalidPasswordAttempts property, the user is locked out of further attempts for the number of minutes stored in the PasswordAnswerAttemptLockoutDuration property.
Note
This property does not control the number of failed logon attempts a user can make before being locked out. The Active Directory server handles failed logon attempts and is not affected by the value of this property.
The MaxInvalidPasswordAttempts property is set in your application's configuration file using the maxInvalidPasswordAttempts
attribute of the membership Element (ASP.NET Settings Schema) element. If the property is not set in the application's configuration file, the MaxInvalidPasswordAttempts property is set to the default value of 5
.
Applies to
See also
.NET
피드백
https://aka.ms/ContentUserFeedback
출시 예정: 2024년 내내 콘텐츠에 대한 피드백 메커니즘으로 GitHub 문제를 단계적으로 폐지하고 이를 새로운 피드백 시스템으로 바꿀 예정입니다. 자세한 내용은 다음을 참조하세요.다음에 대한 사용자 의견 제출 및 보기