Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Nov 17, 2012 07:31 AM by TechFriend
Nov 16, 2012 12:07 PM|LINK
How do you guys handle a lost password on your site. I am thinking of switch from the secret question paradigm to one where we use their unique id plus the email we have on file for them to send them a link that they must then log into their email account,
click on the link then confirm. This applies two different layers of security. What do you think?
Nov 16, 2012 12:22 PM|LINK
My home computer does not require a log in. Neither does Outlook. There is more than one user.
How does your plan cope with that scenario?
Nov 16, 2012 01:06 PM|LINK
If you don't even securitize YOUR computer than I am assuming securing your personal info is not an issue for you.
Nov 17, 2012 07:31 AM|LINK
This clearly depends on your requirement and type of your site.
More the complexity, more issues for the end users.
As you asked, send a confirmation link to the user in the email, this link will have userid in encrypted url and then ask him to enter his new password and email address on browsing the url.