If, however, the credentials are valid, then the Login control creates the forms authentication ticket and redirects the user to the appropriate page.The Login control uses four factors to determine the appropriate page to redirect the user to upon a successful login: Figure 4 depicts the how the Login control uses these four parameters to arrive at its appropriate page decision.To prevent such brute force attacks, the Membership framework locks out a user if there are a certain number of unsuccessful login attempts within a certain period of time.
In this tutorial we will examine how to validate a user's credentials against the Membership user store using both programmatic means and the Login control.
We will also look at how to customize the login control's appearance and behavior.
Similarly, you can use the Comment out the selected lines icon to comment out the selected code in the code-behind class.
Figure 2: Comment Out the Existing Declarative Markup and Source Code in (Click to view full-size image) .
In order to unlock an account, you can modify the database directly - change the table for the appropriate user account - or create a web-based interface that lists locked out accounts with options to unlock them.