Hi Friends,
I am very new to .net field.now i am working with c#.net 1.1 and sql server.
I want to check whether the user is genuine or not..he/she must be restricted to enter the wrong username/password for more than three times.how to do this???/\
I have written the code like this,to check for the correct username/password
***************************************
private void Button3_Click(object sender, System.EventArgs e)
{

SqlConnection con1=new SqlConnection("server=localhost;Persist Security Info=False;User ID=sa;password=sa;Initial Catalog=sumith;Data Source=server0");


try
{


SqlCommand cmd1=new SqlCommand("select username,password from login",con1);
con1.Open();
SqlDataReader myreader = null;
myreader=cmd1.ExecuteReader();
while(myreader.Read())
{
if(TextBox4.Text == myreader["username"].ToString() && TextBox3.Text == myreader["password"].ToString())
{
Label6.Text="Login Successful";
}


if(TextBox4.Text != myreader["username"].ToString() || TextBox3.Text != myreader["password"].ToString())
{

Label6.Text="Login Failed";
}
}
}
}

catch(SqlException ex)
{

Label6.Text=ex.Message;

con1.Close();
}



}
}

******************************************************
How to interrupt the user from entering the wrong username/password for more than three times????
please help me with a piece of code

First thing to address is that you have a bad design approach. dont pass the passwords across networks. since you have a database in your design, try to use all the logic as stored procedures.

design a table that has the columns like
username
encryptedpassword
login_attempts
lastlogintime etc...

accept the username and the encryptedpwd from client and do the validation in stored procedure. in case of failure increment the login_attempts by 1. once this count reaches 3, you can lock the user or do the appropriate action.