Handling Invalid Passwords

TomTees · May 19, 2010, 10:37pm

Could someone please take a look at the pseudo-code below and let me know your thoughts on how I am handling Invalid Passwords?

Invalid Password
At {Authenticate Customer}, if the Password entered does not match the Password on file for a given Username…
The System informs the User that the Log-In failed.
The System notifies the User to “Make sure the Caps-Lock key is off.”
The System asks the User to try again.
The use-case continues at {Authenticate Customer}.
{Match Found}
If the User enters a valid Password, the use-case resumes at the next step…
{No Match Found}
If the User does not enter a valid Password after 3 attempts…
The System logs the failed attempt.
The System notifies the System Administrator.
The System locks the Customer’s Account for 1 hour.
The System notifies the User that the account has been “locked” for 1 hour.
The use-case ends.

TomTees

Topic		Replies	Views
Handling Invalid Usernames Get Started	0	359	May 19, 2010
Handling Cannot Remember Password Get Started	3	456	May 23, 2010
How to lock user account when user attempt 3 times for login Get Started	9	6531	October 8, 2014
Locking Out Account and Password Reset? Server Config security	12	9705	October 8, 2014
Block user account on unsuccessfull Login attempts Get Started	3	5025	March 8, 2010

Handling Invalid Passwords

Related topics