Gets the number of invalid password or password-answer attempts that are allowed before the membership user is locked out.
Assembly: WebMatrix.WebData (in WebMatrix.WebData.dll)
The property works together with the PasswordAttemptWindow property to guard against a malicious user guessing a user account password or security-question answer through repeated attempts. If the number of invalid passwords or security-question answers supplied for a user account is greater than or equal to the PasswordAttemptWindow value within the number of minutes specified by the PasswordAttemptWindow property, the IsLockedOut property is set to true. To unlock the user account, call the UnlockUser(String) method. If a valid password or security-question answer is supplied before the value is reached, the counter that tracks the invalid attempts is reset to zero.
The counts of invalid passwords and of password-answer attempts accumulate independently. For example, if the property is set to 5, and if three invalid password attempts are made followed by two invalid security-question answer attempts, two more invalid password attempts (or three more invalid security-question answer attempts) must be made within the PasswordAttemptWindow time interval for the user account to be locked out.
If the RequiresQuestionAndAnswer property is set to false, invalid password-answer attempts are not tracked.
Invalid password and security-question answer attempts are tracked in the ValidateUser(String, String), ChangePassword(String, String, String), ChangePasswordQuestionAndAnswer(String, String, String, String), GetPassword(String, String), and ResetPassword(String, String) methods.