To get around this, some sites ask the user for a hint question when they register. If the user forgets their password, they must answer their hint question (which they hopefully still remember), and supply some other personal information (which is verified against the info they provided upon registering). A new password is generated and emailed only if the above are correct. I'm pretty sure Yahoo does this for My Yahoo, Yahoo Mail, and the like.
Another idea would be to generate a new password, but revert to the old one after, say, ten minutes if the user doesn't log in and change it. In this case, you would still let the user log in with the old password within those ten minutes. I realize this might not be easy to impliment ontop of an existing username/password database, though.
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|
