U4-9185 - lastLockoutDate does not get set when too many invalid password attempts are made

Created by Shannon Deminick 14 Nov 2016, 15:50:03 Updated by Claus Jensen 18 Nov 2016, 13:13:41

Tags: Unscheduled

When the user gets locked out the lastLockoutDate is not set.


Shannon Deminick 17 Nov 2016, 15:47:54

PR: https://github.com/umbraco/Umbraco-CMS/pull/1627

To test:

  • enter an invalid password for a user more than 5 times (or whatever you have configured)
  • ensure you can no longer log back in with the correct password
  • check the db user table, ensure the last lockout date is set
  • unlock the user - either via the back office or reset the userNoConsole db value (if you do this you'll need to bump the web.config)
  • log back in to the back office and ensure it works

Claus Jensen 18 Nov 2016, 13:13:34

Tested and works!

Priority: Normal

Type: Bug

State: Fixed


Difficulty: Normal


Backwards Compatible: True

Fix Submitted:

Affected versions: 7.5.4

Due in version: 7.5.5

Sprint: Sprint 46

Story Points: