| Home | Register | FAQ | Members List | Search | Today's Posts | Mark Forums Read |
08-01-2010, 18:36
|
#1 (permalink) |
|
Senior Member
Join Date: May 2007
Location: England
Posts: 1,009
|
Password Retrevial/Reset secuirty.
If you have some kind of members login facility, then part of that is to provide the usual "I have forgotten my password/username" etc, where email entered and new password issued in one form or another. How important is it to provide extra security in form of the standard security question and answers, where you born, favourite food, name of pet etc, before the password is changed and mailed? War is Gods way of teaching Americans Geography
Wot Speeling Mishtake? |
|
|
|
|
08-01-2010, 19:28
|
#2 (permalink) |
|
Website Developer
Join Date: Jun 2007
Location: Pacific Northwest
Posts: 556
|
I've done a few things without having to ask silly questions of the user. (that they may potentially forget anyway... it happens) 1. Email a temp password that is only good for a certain amount of time. (30 minutes - 24 hours... whatever) 2. Send a link inside the email that is generated specific to that user. Potentially never actually resetting the password, but giving the user a way in. |
|
|
 |
|
