public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) {
			if (ValidPassword(username, password) == false) {
				status = MembershipCreateStatus.InvalidPassword;
				return null;
			}

			if (RequiresUniqueEmail && GetUserNameByEmail(email) != "") {
				status = MembershipCreateStatus.DuplicateEmail;
				return null;
			}

			MembershipUser u = GetUser(username, false);

			if (u == null) {
				var createAt = DateTime.Now;

				var usr = new Usr();
				usr.Id = ObjectId.NewObjectId();
				usr.Username = username;
				usr.Password = EncodePassword(password);
				usr.Email = email;
				usr.PasswordQuestion = passwordQuestion;
				usr.PasswordAnswer = EncodePassword(passwordAnswer);
				usr.IsApproved = isApproved;
				usr.CreationDate = createAt;
				usr.LastPasswordChangedDate = createAt;
				usr.LastActivityDate = createAt;
				usr.ApplicationName = ApplicationName;
				usr.IsLockedOut = false;
				usr.LastLockedOutDate = createAt;
				usr.FailedPasswordAnswerAttemptCount = 0;
				usr.FailedPasswordAnswerAttemptWindowStart = createAt;
				usr.FailedPasswordAttemptCount = 0;
				usr.FailedPasswordAttemptWindowStart = createAt;

				Db.Add(usr);
			}

			status = MembershipCreateStatus.Success;
			return GetUser(username, false);
		}
		MembershipUser ToMembershipUser(Usr usr) {
			if (usr == null)
				return null;

			return new MembershipUser(this.Name, usr.Username, usr.Id.ToString(), usr.Email,
				usr.PasswordQuestion, usr.Comment, usr.IsApproved, usr.IsLockedOut,
				usr.CreationDate, usr.LastLoginDate, usr.LastActivityDate, usr.LastPasswordChangedDate,
				usr.LastLockedOutDate
			);
		}
		Usr UpdateFailureCount(Usr usr, string failureType = FailurePassword) {
			var getFailureCount = new Func<int>(() => failureType == FailurePasswordAnswer ? usr.FailedPasswordAnswerAttemptCount : usr.FailedPasswordAttemptCount);
			var setFailureCount = new Action<int>((val) => { if (failureType == FailurePasswordAnswer) { usr.FailedPasswordAnswerAttemptCount = val; } else { usr.FailedPasswordAttemptCount = val; } });
			var getWindowStart = new Func<DateTime>(() => failureType == FailurePasswordAnswer ? usr.FailedPasswordAnswerAttemptWindowStart : usr.FailedPasswordAttemptWindowStart);
			var setWindowStart = new Action<DateTime>((val) => { if (failureType == FailurePasswordAnswer) { usr.FailedPasswordAnswerAttemptWindowStart = val; } else { usr.FailedPasswordAttemptWindowStart = val; } });

			var windowEnd = getWindowStart().AddMinutes(PasswordAttemptWindow);

			if (getFailureCount() == 0 || DateTime.Now > windowEnd) {
				setFailureCount(1);
				setWindowStart(DateTime.Now);
			}
			else {
				var nextFailureCount = getFailureCount() + 1;

				if (nextFailureCount >= MaxInvalidPasswordAttempts) {
					usr.IsLockedOut = true;
					usr.LastLockedOutDate = DateTime.Now;
				}
				else {
					setFailureCount(nextFailureCount);
				}
			}

			return usr;
		}