Esempio n. 1
0
        private void ForgotPassword3NextButton_Click(object sender, RoutedEventArgs e)
        {
            string selected_ForgotPasswordCode = UserModel.UserModel.twoFAcode;

            UserModel.UserModel cm = UserModel.UserModel._currentUserModel;
            string userID          = cm.userID;

            Console.WriteLine(userID + "TEICJASMCA");
            if (ForgotPasswordCodeTextBox.Text == selected_ForgotPasswordCode)
            {
                MessageBox.Show("Correct!");
                string date      = AlgorithmLibary.PredictionModel.getCurrentDate();
                string loginTime = DateTime.Now.ToString("HH.mm");
                string publicIP  = PredictionModel.getCurrentPublicIP();
                string publicMAC = PredictionModel.getCurrentMAC();
                Console.WriteLine(publicMAC + "HELLO");

                UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                string        exist = UserModel.UserModel.checkFollowUp(userID, connectionString);
                SqlConnection con;
                SqlCommand    cmd;
                string        riskLevelStatement = null;
                riskLevelStatement = "Low";

                con = new SqlConnection(connectionString);
                try
                {
                    string connectionString = conSettings.ConnectionString;

                    con = new SqlConnection(connectionString);
                    con.Open();
                    cmd = new SqlCommand("DELETE FROM [dbo].[FailedAttempt] where UserID = '" + userID + "'", con);
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    System.Windows.MessageBox.Show(ex.Message);
                }
                finally
                {
                    con.Close();
                }
                if (exist != null)
                {
                    UserModel.UserModel.updateFollowUp(userID, connectionString, "False");


                    //Navigate to Chester page
                    //Page cloud = new StartupPage();
                    //this.NavigationService.Navigate(cloud);
                }

                else
                {
                    UserModel.UserModel.saveFollowUp(userID, connectionString, "False");
                    //Navigate To chester page
                    //Page cloud = new StartupPage();
                    //this.NavigationService.Navigate(cloud);
                }
                PredictionModel.SessionRiskValue = riskLevelStatement;
                UserModel.UserModel.twoFASucceed = true;
            }
            else
            {
                MessageBox.Show("Invalid code! Please Try Again");
                counter++;
                if (counter > 3)
                {
                    MessageBox.Show("More than 3  Failed attempts! Account will be locked now!");
                    string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);
                    UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
                    if (exist != null)
                    {
                        UserModel.UserModel.updateFollowUp(userID, connectionString, "True");
                    }
                    else
                    {
                        UserModel.UserModel.saveFollowUp(userID, connectionString, "True");
                    }

                    counter = 0;
                    UserModel.UserModel.twoFASucceed = false;
                }
            }
        }
Esempio n. 2
0
        private void ButtonNext_Click(object sender, RoutedEventArgs e)
        {
            PasswordTextBox.Password = GetSha512FromString(PasswordTextBox.Password);
            //MessageBox.Show(PasswordTextBox.Password);

            try
            {
                con = new SqlConnection(connectionString);
                con.Open();
                cmd    = new SqlCommand("select * from [dbo].[test] where UserID = '" + UserIDTextBox.Text + "' and Password = '******'", con);
                reader = cmd.ExecuteReader();

                int count = 0;

                while (reader.Read())
                {
                    count += 1;
                    Console.WriteLine(" | UserID : " + reader.GetString(0) + " | Password : "******" | Name : " + reader.GetString(2) + " | Email : " + reader.GetString(3) + " | ContactNo : " + reader.GetString(4));
                }

                if (count == 1)
                {
                    string     userID   = UserIDTextBox.Text;
                    string[][] userList = checkUserEligibility(userID, connectionString);
                    UserModel.UserModel.currentUserID = userID;
                    string currentUser = UserModel.UserModel.currentUserID;
                    //MessageBox.Show(currentUser + "is thios");
                    UserModel.UserModel um = UserModel.UserModel.retrieveUserFromDatabase(currentUser);
                    Console.WriteLine(um.userPassword);
                    string checkForFollowUp = UserModel.UserModel.checkFollowUp(userID, connectionString);

                    (App.Current as App).LoginUserID = UserIDTextBox.Text;

                    try
                    {
                        con = new SqlConnection(connectionString);
                        con.Open();
                        cmd = new SqlCommand("select count(*) from [dbo].[FailedAttempt] where UserID = '" + UserIDTextBox.Text + "'", con);
                        Int32 noOfFailedLoginAttempt = (Int32)cmd.ExecuteScalar();
                        //MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
                        if (noOfFailedLoginAttempt > 3)
                        {
                            MessageBox.Show("Account is locked , please complete TWO FA");
                            string subject         = "Authentication Message";
                            string subjectBody     = "Authentication Code is ";
                            UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                            string email           = cm.userEmail;
                            UserModel.UserModel.do2fa(subject, subjectBody, email);

                            Page authentication1 = new Authentication1();
                            this.NavigationService.Navigate(authentication1);
                        }

                        else
                        {
                            if (checkForFollowUp == "True")
                            {
                                //MessageBox.Show("Account is locked , please complete TWO FA");
                                string subject         = "Authentication Message";
                                string subjectBody     = "Authentication Code is ";
                                UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                                string email           = cm.userEmail;
                                UserModel.UserModel.do2fa(subject, subjectBody, email);

                                Page authentication = new Authentication();
                                this.NavigationService.Navigate(authentication);
                            }
                            else
                            {
                                //MessageBox.Show("Account not locked.");
                                if (userList.Count() < 30)
                                {
                                    string date                   = AlgorithmLibary.PredictionModel.getCurrentDate();
                                    string loginTime              = DateTime.Now.ToString("HH.mm");
                                    string publicIP               = PredictionModel.getCurrentPublicIP();
                                    string publicMAC              = PredictionModel.getCurrentMAC();
                                    string userLogInPreference    = getUserLogInPreference(userID, connectionString);
                                    string userComputerPreference = getUserComputerPreference(userID, connectionString);
                                    //The method below is supposed to read from the database all the entries of hostname for this specific user

                                    string[] currentHostnameSet = getUserHostNameSet(userID, connectionString);
                                    foreach (var element in currentHostnameSet)
                                    {
                                        Console.WriteLine(element + "JADSjc");
                                    }
                                    //string[] currentHostnameSet =
                                    //{
                                    //    "JUSTINSOH-PC",
                                    //    "JUSTINSOH-PC",
                                    //    "JUSTINSOH-PC",
                                    //    "JUSTINSOH-PCC",
                                    //    "JUSTINSOH-PCC",
                                    //    "JUSTINSOH-PCC",

                                    //};
                                    double logInRisk = evaulateUserLogInString(userLogInPreference, loginTime);

                                    double userHostRisk = evaulateUserComputerPreference(userComputerPreference, currentHostnameSet);

                                    logInRisk    = logInRisk * 0.3;
                                    userHostRisk = userHostRisk * 0.7;

                                    double totalRisk = logInRisk + userHostRisk;
                                    Console.WriteLine(userHostRisk + " HOSTNAME");
                                    Console.WriteLine(logInRisk + "LOG IN RISK");
                                    Console.WriteLine(totalRisk);
                                    string riskStatement      = null;
                                    string riskStatementLevel = null;
                                    if (totalRisk <= 0.4)
                                    {
                                        riskStatementLevel = "Low";
                                        riskStatement      = "The risk level is low";
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        Page cloud = new StartupPage();

                                        this.NavigationService.Navigate(cloud);
                                    }

                                    // Removing access control and giving access control
                                    else if (totalRisk <= 0.70)
                                    {
                                        riskStatementLevel = "Medium";
                                        riskStatement      = "The risk level is medium";
                                        Page cloud = new StartupPage();
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        //MessageBox.Show("Entry Saved");
                                        //UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
                                        //MessageBox.Show("Entry Deleted");
                                        this.NavigationService.Navigate(cloud);
                                        //Remove Access Control
                                    }

                                    //Instantly Re authenticate
                                    else if (totalRisk > 0.70)
                                    {
                                        riskStatementLevel = "High";
                                        riskStatement      = "The risk level is high";
                                        string subject         = "Authentication Message";
                                        string subjectBody     = "Authentication Code is ";
                                        UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                                        Console.WriteLine(cm.userName + "Hellolols");
                                        string email = cm.userEmail;
                                        UserModel.UserModel.do2fa(subject, subjectBody, email);
                                        Page authentication = new Authentication();
                                        this.NavigationService.Navigate(authentication);
                                        MessageBox.Show("2FA has been sent to your email");
                                    }
                                    PredictionModel.SessionRiskValue = riskStatementLevel;
                                    Console.WriteLine(riskStatement);
                                    MessageBox.Show(riskStatement);
                                }

                                else if (userList.Count() >= 30)
                                {
                                    //Run the login prediction
                                    string     date            = AlgorithmLibary.PredictionModel.getCurrentDate();
                                    string     loginTime       = DateTime.Now.ToString("HH.mm");
                                    string     publicIP        = PredictionModel.getCurrentPublicIP();
                                    string     publicMAC       = PredictionModel.getCurrentMAC();
                                    string[][] logInCollection = getUserLogInData(userID, connectionString);
                                    double     testTime        = Convert.ToDouble(loginTime);
                                    double     testDay         = Convert.ToDouble(date);

                                    PredictionModel logInPredictionModel = new PredictionModel(testTime, testDay, logInCollection);
                                    string          logInRiskLevel       = logInPredictionModel.logInRisk;
                                    string          logInOutput          = logInPredictionModel.logInOutput;
                                    Console.WriteLine(logInOutput);
                                    Console.WriteLine("The risk level is " + logInRiskLevel);


                                    string[][] ipAddressCollection = getUserIPAddressCollection(userID, connectionString);
                                    Console.Write(ipAddressCollection.Count());
                                    string[]        query             = new string[] { publicIP, publicMAC, date };
                                    PredictionModel ipPredictionModel = new PredictionModel(ipAddressCollection, query);
                                    string          ipRisk            = ipPredictionModel.ipRisk;
                                    string          ipOutput          = ipPredictionModel.ipOutput;
                                    Console.WriteLine(ipOutput);

                                    double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0;
                                    double ipPercentage    = Convert.ToDouble(ipRisk);

                                    logInPercentage = (logInPercentage / 100) * 30;
                                    ipPercentage    = (ipPercentage / 100) * 70;
                                    double riskLevel = logInPercentage + ipPercentage;
                                    Console.WriteLine(logInPercentage);
                                    Console.WriteLine(ipRisk);
                                    Console.WriteLine(riskLevel);
                                    string riskStatement      = null;
                                    string riskStatementLevel = null;

                                    //Can do anything
                                    if (riskLevel <= 0.4)
                                    {
                                        riskStatementLevel = "Low";
                                        riskStatement      = "The risk level is low";
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        //Navigate To Chester
                                        Page cloud = new StartupPage();
                                        this.NavigationService.Navigate(cloud);
                                    }

                                    // Removing access control and giving access control
                                    else if (riskLevel <= 0.70)
                                    {
                                        riskStatementLevel = "Medium";
                                        riskStatement      = "The risk level is medium";
                                        Page cloud = new StartupPage();
                                        UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                                        //MessageBox.Show("Entry Saved");
                                        //UserModel.UserModel.deleteDateTimeOfUser(userID, connectionString, loginTime, date);
                                        //MessageBox.Show("Entry Deleted");
                                        this.NavigationService.Navigate(cloud);
                                        //Remove Access Control
                                    }

                                    //Instantly Re authenticate
                                    else if (riskLevel > 0.70)
                                    {
                                        riskStatementLevel = "High";
                                        riskStatement      = "The risk level is high";
                                        //Do 2FA

                                        string subject         = "Authentication Message";
                                        string subjectBody     = "Authentication Code is ";
                                        UserModel.UserModel cm = UserModel.UserModel.currentUserModel;
                                        string email           = cm.userEmail;
                                        UserModel.UserModel.do2fa(subject, subjectBody, email);
                                        Page authentication = new Authentication();

                                        this.NavigationService.Navigate(authentication);
                                        MessageBox.Show("2FA has been sent to your email");
                                    }

                                    PredictionModel.SessionRiskValue = riskStatementLevel;
                                    Console.WriteLine("The current Risk Level is " + riskLevel);
                                    Console.WriteLine(riskStatement);
                                    MessageBox.Show(riskStatement);
                                }
                            }

                            (App.Current as App).LoginUserID = UserIDTextBox.Text;
                            //MessageBox.Show("Successful Login.");
                            //this.NavigationService.Navigate(new Uri(@"EditUserInfo.xaml", UriKind.RelativeOrAbsolute));
                        }
                    }
                    catch (Exception ex)
                    {
                        System.Windows.MessageBox.Show(ex.Message);
                    }
                    finally
                    {
                        con.Close();
                    }
                }


                else
                {
                    MessageBox.Show("Invalid user id or password.");

                    try
                    {
                        con = new SqlConnection(connectionString);
                        con.Open();
                        cmd    = new SqlCommand("select * from [dbo].[test] where UserID = '" + UserIDTextBox.Text + "'", con);
                        reader = cmd.ExecuteReader();

                        int countt = 0;

                        while (reader.Read())
                        {
                            countt += 1;
                        }
                        if (countt == 1)
                        {
                            try
                            {
                                con = new SqlConnection(connectionString);
                                con.Open();
                                cmd = new SqlCommand("INSERT INTO[dbo].[FailedAttempt](UserID, Date) VALUES (@UserID, @Date)", con);
                                cmd.Parameters.AddWithValue("@UserID", UserIDTextBox.Text);
                                cmd.Parameters.AddWithValue("@Date", DateTime.Now.ToShortDateString());
                                cmd.ExecuteNonQuery();

                                try
                                {
                                    con = new SqlConnection(connectionString);
                                    con.Open();
                                    cmd = new SqlCommand("select count(*) from [dbo].[FailedAttempt] where UserID = '" + UserIDTextBox.Text + "'", con);
                                    Int32 noOfFailedLoginAttempt = (Int32)cmd.ExecuteScalar();
                                    MessageBox.Show(noOfFailedLoginAttempt.ToString() + " unsuccessful login attempt(s)");
                                }
                                catch (Exception ex)
                                {
                                    System.Windows.MessageBox.Show(ex.Message);
                                }
                                finally
                                {
                                    con.Close();
                                }
                            }
                            catch (Exception ex)
                            {
                                System.Windows.MessageBox.Show(ex.Message);
                            }
                            finally
                            {
                                con.Close();
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        System.Windows.MessageBox.Show(ex.Message);
                    }
                    finally
                    {
                        con.Close();
                    }
                }

                UserIDTextBox.Clear();
                PasswordTextBox.Clear();
            }
            catch (Exception ex)
            {
                System.Windows.MessageBox.Show(ex.Message);
            }
            finally
            {
                con.Close();
            }
        }
Esempio n. 3
0
        static void Main(string[] args)
        {
            String allText = System.IO.File.ReadAllText(@"../../TextFile1.txt");

            string[][]      logInCollection      = PredictionModel.readFromFile(allText);
            double          testTime             = 24;
            double          testDay              = 3;
            PredictionModel logInPredictionModel = new PredictionModel(testTime, testDay, logInCollection);
            string          logInRiskLevel       = logInPredictionModel.logInRisk;
            string          logInOutput          = logInPredictionModel.logInOutput;

            Console.WriteLine(logInOutput);
            Console.WriteLine("The risk level is " + logInRiskLevel);


            string currentPublicIP       = PredictionModel.getCurrentPublicIP();
            string currentpubliclocation = PredictionModel.getCurrentPublicIPLocation(currentPublicIP);
            string macAddress            = PredictionModel.getCurrentMAC();
            string date = PredictionModel.getCurrentDate();

            string[][] ipAddressCollection =
            {
                new string[] { "131.23.244.105", "C00008",   "4"  },
                new string[] { "131.23.244.105", "C00008",   "4"  },
                new string[] { "147.120.34.99",  "C00008",   "1"  },
                new string[] { "131.23.244.105", "D00008",   "3"  },
                new string[] { currentPublicIP,  "D8000",    "4"  },
                new string[] { currentPublicIP,  macAddress, date },
                new string[] { currentPublicIP,  macAddress, date },
                new string[] { "151.23.244.105", "C000324",  date }
            };
            //string[] query = new string[] { "1311.23.244.105", "C0000008", date};
            //string[] query = new string[] { currentPublicIP, macAddress, date };
            string[] query = new string[] { "151.23.244.105", "C000324", date };

            PredictionModel ipPredictionModel = new PredictionModel(ipAddressCollection, query);
            string          ipRisk            = ipPredictionModel.ipRisk;
            string          ipOutput          = ipPredictionModel.ipOutput;

            Console.WriteLine(ipOutput);
            double logInPercentage = Convert.ToDouble(logInRiskLevel) / 5.0;
            double ipPercentage    = Convert.ToDouble(ipRisk);

            logInPercentage = (logInPercentage / 100) * 30;
            ipPercentage    = (ipPercentage / 100) * 70;
            double riskLevel = logInPercentage + ipPercentage;

            Console.WriteLine(logInPercentage);
            Console.WriteLine(ipRisk);
            Console.WriteLine(riskLevel);
            string riskStatement = null;

            //Can do anything
            if (riskLevel <= 0.4)
            {
                riskStatement = "The risk level is low";
            }

            // Removing access control and giving access control
            else if (riskLevel <= 0.70)
            {
                riskStatement = "The risk level is medium";
            }

            //Instantly Re authenticate
            else if (riskLevel > 0.70)
            {
                riskStatement = "The risk level is high";
            }


            Console.WriteLine(riskStatement);

            //string fileName = @"../../../../testing/IPPrediction.py";

            //Process p = new Process();
            //p.StartInfo = new ProcessStartInfo(@"../../../../../../../../Anaconda/python.exe", fileName)
            //{
            //    RedirectStandardOutput = true,
            //    UseShellExecute = false,
            //    CreateNoWindow = true
            //};
            //p.Start();

            //string output = p.StandardOutput.ReadToEnd();
            //Console.WriteLine(output);



            //string currentPublicIP = PredictionModel.getCurrentPublicIP();
            //string currentPublicLocation = PredictionModel.getCurrentPublicIPLocation(currentPublicIP);
            //Console.WriteLine(currentPublicIP + " is at " + currentPublicLocation);

            //string localIP = getCurrentPrivateIP();
            //string macAddress = getCurrentMAC(localIP);
            //Console.WriteLine(macAddress);
            //string date = getCurrentDate();



            //string[][] ipAddressCollection =
            //{
            //    new string [] {"131.23.244.105","C00008" , "4"} ,
            //    new string [] {"131.23.244.105", "C00008" , "4"} ,
            //    new string [] { "147.120.34.99", "C00008" , "1"} ,
            //    new string [] { "131.23.244.105", "D00008" , "3"},
            //    new string [] { localIP , "D8000" , "4"},
            //    new string [] { localIP , macAddress , date},
            //    new string [] { localIP , macAddress , date}
            //};
            //string[] query = new string[] { localIP, macAddress , date};
            //Dictionary<string, int> count = getCountNumber(ipAddressCollection);
            //string[][] keyData = getValueArray(ipAddressCollection);
            //string[] queryKey = checkQueryData(query, ipAddressCollection);
            //Console.WriteLine(queryKey[0]);
            //Console.WriteLine("Convert a certain IP and MAC and DAY to key form : " + queryKey[0] +  queryKey[1] + queryKey[2] + queryKey[3]);
            //string[] retrieveValue = new string[] { queryKey[0], queryKey[1], queryKey[2] };
            //string[] retrievedDataValue = getKeyInformation(queryKey, ipAddressCollection);
            //Console.WriteLine("Convert Key to Info " + retrievedDataValue[0] + " " + retrievedDataValue[1] + " " + retrievedDataValue[2] + " " + retrievedDataValue[3]);

            //foreach (var element in keyData)
            //{
            //    Console.WriteLine(element[0] + element[1] + element[2] + element[3]);
            //}


            //foreach (var element in count)
            //{
            //    Console.WriteLine(element.Key + " = " + element.Value);
            //}
            //int counter = 0;
            //string[][] testingList = new string[keyData.Count()][];
            //string[][] passList = new string[keyData.Count()][];
            //foreach (var element in keyData)
            //{
            //    passList[counter] = new string[] { element[0], element[1], element[2], Convert.ToString(count.ElementAt(counter).Value) };
            //    string[] question = new string[] { element[0], element[1], element[2] };
            //    string[] data = getKeyInformation(question, ipAddressCollection);
            //    testingList[counter] = new string[] { data[0], data[1], data[2], Convert.ToString(count.ElementAt(counter).Value) };
            //    counter++;
            //}

            //Console.WriteLine("PASSING IN PARAMETER LIST");
            //Console.WriteLine("IP " + " MAC " + "       DAY " + "     COUNT ");
            //foreach (var element in passList)
            //{

            //    Console.WriteLine(element[0] + "     " + element[1] + "        " + element[2] + "         " + element[3]);
            //}

            //Console.WriteLine("CHECKING THE LIST");
            //foreach (var element in testingList)
            //{
            //    Console.WriteLine("IP is " + element[0] + " MAC Address " + element[1] + " Day of the week " + element[2] + " with a count of " + element[3]);
            //}
        }
Esempio n. 4
0
        //private void saveDateTimeOfUser(string userID, string connectionString, string loginTime, string date, string publicIP, string publicMAC)
        //{
        //    SqlConnection con;
        //    SqlCommand cmd;
        //    con = new SqlConnection(connectionString);
        //    string currentHostname = System.Environment.MachineName.ToString();
        //    con.Open();
        //    try
        //    {


        //        cmd = new SqlCommand("INSERT INTO [dbo].[LogAnalysis] (UserID, LoginTime, LoginDate, IpAddress , MacAddress , hostname) VALUES (@UserID, @LoginTime, @LoginDate , @IPAddress , @MACAddress , @HostName)", con);
        //        cmd.Parameters.AddWithValue("@UserID", userID);
        //        cmd.Parameters.AddWithValue("@LoginTime", loginTime);
        //        cmd.Parameters.AddWithValue("@LoginDate", date.ToString());
        //        cmd.Parameters.AddWithValue("@IPAddress", publicIP);
        //        cmd.Parameters.AddWithValue("@MACAddress", publicMAC);
        //        cmd.Parameters.AddWithValue("@HostName", currentHostname);
        //        cmd.ExecuteNonQuery();

        //    }
        //    catch (Exception ex)
        //    {
        //        Console.WriteLine(ex.Message);
        //    }
        //    finally
        //    {
        //        con.Close();
        //    }
        //}

        private void ForgotPassword3NextButton_Click(object sender, RoutedEventArgs e)
        {
            string selected_ForgotPasswordCode = UserModel.UserModel.twoFAcode;

            UserModel.UserModel cm = UserModel.UserModel._currentUserModel;
            string userID          = cm.userID;

            if (ForgotPasswordCodeTextBox.Text == selected_ForgotPasswordCode)
            {
                MessageBox.Show("Correct!");
                string date      = AlgorithmLibary.PredictionModel.getCurrentDate();
                string loginTime = DateTime.Now.ToString("HH.mm");
                string publicIP  = PredictionModel.getCurrentPublicIP();
                string publicMAC = PredictionModel.getCurrentMAC();
                Console.WriteLine(publicMAC + "HELLO");
                string riskLevelStatement = "Low";
                //Use the same class for saveDateTime Method - Justin Changed at 1:20 am on 6/8/2017
                UserModel.UserModel.saveDateTimeOfUser(userID, connectionString, loginTime, date, publicIP, publicMAC);
                string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);

                string selected_UserID = (App.Current as App).LoginUserID;

                try
                {
                    string connectionString = conSettings.ConnectionString;

                    con = new SqlConnection(connectionString);
                    con.Open();
                    cmd = new SqlCommand("DELETE FROM [dbo].[FailedAttempt] where UserID = '" + selected_UserID + "'", con);
                    cmd.ExecuteNonQuery();
                }
                catch (Exception ex)
                {
                    System.Windows.MessageBox.Show(ex.Message);
                }
                finally
                {
                    con.Close();
                }

                if (exist != null)
                {
                    UserModel.UserModel.updateFollowUp(userID, connectionString, "False");
                }
                else
                {
                    UserModel.UserModel.saveFollowUp(userID, connectionString, "False");
                }

                Page cloud = new StartupPage();
                PredictionModel.SessionRiskValue = riskLevelStatement;
                this.NavigationService.Navigate(cloud);
            }
            else
            {
                MessageBox.Show("Invalid code! Please Try Again");
                //Remove the statement below because it will conflict with my fe
                counter++;
                if (counter > 3)
                {
                    MessageBox.Show("More than 3 attempts! Account will be locked now!");
                    string exist = UserModel.UserModel.checkFollowUp(userID, connectionString);
                    if (exist != null)
                    {
                        UserModel.UserModel.updateFollowUp(userID, connectionString, "True");
                    }
                    else
                    {
                        UserModel.UserModel.saveFollowUp(userID, connectionString, "True");
                    }
                    Page LoginPage = new LoginPage();
                    this.NavigationService.Navigate(LoginPage);
                }
            }
        }