I'm fairly new to ASP.NET and i'm using the Membership Provider. I have the need to do similar to some banking sites. Baically I need to track "authorized" computers/ip's for a user. If the user accesses the site form a recognized Computer/IP then the user is allowed into the app after successful login. If the computer/IP is not recognized I need to redirect them to a screen to answer the security question setup in fhte Membership Provider.
Has anyone done anything like this or can anyone point me to any examples? I did a search, but can't seem to find anything.
My idea is to maintain a list of authorized computers/IP addresses and check them on initial login. If the IP address isn't found I can redirect them to the questions. My concern is that they are then actually authenticated and could enter any of the site URL's as an authenticated user.
Any suggestions greatly appreciated.
View Complete Post