Just another Perl shrine | |
PerlMonks |
Re^3: It's been ten years ...by haj (Vicar) |
on Jul 29, 2019 at 23:22 UTC ( [id://11103604]=note: print w/replies, xml ) | Need Help?? |
Lanx writes: This would imply adjusting the What's my password? mechanism too. Yes, of course. You can improve easily by creating a fresh random password and mailing that to the user, and then store it encrypted. After all, they forgot their password, right? This is still bad security practice, though, as plain text email isn't actually secure. With a bit more effort you can get a decent self-service password reset function. This has been done before, it isn't rocket surgery.
In Section
Perl Monks Discussion
|
|