Forgotten Password Reset

Discussion in 'ASP .Net' started by Alfred E. Newman, Feb 23, 2005.

  1. I want to enable visitors who have forgotten their password to request a new
    one. I have seen that some sites simply require users to enter their e-mail
    address. Then the server-side logic sends the password (perhaps a new
    temporary one) to the e-mail address if it is a valid address in the db for
    the site.

    I'm looking for opinions and perspective on implementing something similar.
    I understand that doing this would open up additional security risks - but
    considering the tradeoffs, it might be worthwhile (no angry users calling me
    at 2:00 AM). But as long as I'm going to do something like this, I want to
    be smart about it. So, any feedback, links, etc that deal with this topic
    would be appreciated..
    Alfred E. Newman, Feb 23, 2005
    #1
    1. Advertising

  2. This article may give you some things to think about:
    http://SteveOrr.net/faq/encrypt.aspx

    --
    I hope this helps,
    Steve C. Orr, MCSD, MVP
    http://SteveOrr.net


    "Alfred E. Newman" <> wrote in message
    news:%...
    >I want to enable visitors who have forgotten their password to request a
    >new one. I have seen that some sites simply require users to enter their
    >e-mail address. Then the server-side logic sends the password (perhaps a
    >new temporary one) to the e-mail address if it is a valid address in the db
    >for the site.
    >
    > I'm looking for opinions and perspective on implementing something
    > similar. I understand that doing this would open up additional security
    > risks - but considering the tradeoffs, it might be worthwhile (no angry
    > users calling me at 2:00 AM). But as long as I'm going to do something
    > like this, I want to be smart about it. So, any feedback, links, etc that
    > deal with this topic would be appreciated..
    >
    >
    >
    Steve C. Orr [MVP, MCSD], Feb 23, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. D E
    Replies:
    6
    Views:
    48,111
    rinuthomas
    May 21, 2012
  2. Showjumper

    Handling forgotten passwords

    Showjumper, Jun 12, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    377
    Erik Funkenbusch
    Jun 12, 2006
  3. AAaron123
    Replies:
    2
    Views:
    2,092
    AAaron123
    Jan 16, 2009
  4. AAaron123
    Replies:
    1
    Views:
    1,314
    Oriane
    Jan 16, 2009
  5. Andrew Murray

    Forgotten Password script

    Andrew Murray, Apr 26, 2007, in forum: ASP General
    Replies:
    1
    Views:
    137
    Stefan B Rusynko
    Apr 26, 2007
Loading...

Share This Page