Lockout a user account in ASP.NET Identity


In order to lockout a user account in ASP.NET Identity, we use two properties: the LockoutEnabled property and the LockoutEndDateUtc property.


The following are the default properties of a user in ASP.NET Identity :

user properties in asp.net identity

The LockoutEnabled property indicates that the lockout is enabled for a user. Be careful, by setting this property to true it does not mean that the user is locked out, it only means that the lockout is enabled for this user. The LockoutEndDateUtc property indicates when the lockout ends and be careful, any time in the past is considered not locked out.

By using these two properties together, you can lockout a user for a specific amount of time.

// Locking out a user for 10 minutes 
user.LockoutEnabled = true;
user.LockoutEndDateUtc = DateTime.Now.AddMinutes(10);

In preceding code, we enable the lockout for the user by setting the LockoutEnabled property to true . After that, we add 10 minutes to the current datetime by using the AddMinutes method and we set the resulted value to the LockoutEndDateUtc property. This will result in locking the user for 10 minutes.

Note : In order to lockout a user forever or at least until unlocking it again, set LockoutEndDateUtc to : DateTime.MaxValue.

See also