Forgotten Password Reset

A

Alfred E. Newman

I want to enable visitors who have forgotten their password to request a new
one. I have seen that some sites simply require users to enter their e-mail
address. Then the server-side logic sends the password (perhaps a new
temporary one) to the e-mail address if it is a valid address in the db for
the site.

I'm looking for opinions and perspective on implementing something similar.
I understand that doing this would open up additional security risks - but
considering the tradeoffs, it might be worthwhile (no angry users calling me
at 2:00 AM). But as long as I'm going to do something like this, I want to
be smart about it. So, any feedback, links, etc that deal with this topic
would be appreciated..
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top