This method is called by the System.Web.Security.Membership class to validate user information for a user in the SQL Server database specified in the ASP.NET application's configuration file (Web.config).

When a user is successfully validated, the last activity date and last sign-in date values are updated to the current date and time in the database.

If an incorrect password is supplied to the SqlMembershipProvider.ValidateUser(string, string) method, the internal counter that tracks invalid password attempts is incremented by one. This can result in the user being locked out and unable to log on until the lock status is cleared by a call to the SqlMembershipProvider.UnlockUser(string) method. If the correct password is supplied and the user is not currently locked out, then the internal counters that track invalid password and password-answer attempts are reset to zero. For more information, see the SqlMembershipProvider.MaxInvalidPasswordAttempts and SqlMembershipProvider.PasswordAttemptWindow properties.

Leading and trailing spaces are trimmed from all parameter values.

Namespace: System.Web.Security
Assembly: System.Web (in System.Web.dll)
Assembly Versions: 2.0.0.0
Since: .NET 2.0