| Password reset [message #15858] |
Wed, 07 January 2004 07:34  |
ApexDude
Messages: 2
Registered: February 2003
Karma: 0
|
Junior Member |
|
|
1. When the user forgets his/her pw, email a temporary one.
2. When the user logs in using the temporary one, force him/her to change it.
|
|
|
|
| Re: Password reset [message #15859 is a reply to message #15858] |
Wed, 07 January 2004 14:39  |
Ilia
Messages: 13241
Registered: January 2002
Karma: 0
|
Senior Member
Administrator
Core Developer |
|
|
Why?
The 'generated' passwords are completely random and rather hard to crack (more so then an avg user password). Most system requiring password changes do so because the picked passwords are usually words from a dictionary.
FUDforum Core Developer
|
|
|
|
|
|
| Re: Password reset [message #15873 is a reply to message #15872] |
Wed, 07 January 2004 20:27 |
Ilia
Messages: 13241
Registered: January 2002
Karma: 0
|
Senior Member
Administrator
Core Developer |
|
|
Unless you use https everytime you login you send the password and the login in clear text over the network also. That does not mean your password must change after every login.
FUDforum Core Developer
|
|
|
|
|
|
| Re: Password reset [message #15878 is a reply to message #15877] |
Wed, 07 January 2004 22:46 |
Ilia
Messages: 13241
Registered: January 2002
Karma: 0
|
Senior Member
Administrator
Core Developer |
|
|
Wow that's one smart cat, a lot smarter then some people I know.
I don't see the problem with this. If you do not believe your e-mail is secure either delete the message or change the password after reset. I see no reason to force yet another step on people.
FUDforum Core Developer
|
|
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]