I have never used this control, as i normally have to use a custom security model.
What will the link do? If the link should then direct the user to a page to show them the new password, this is bad practice as the password should not be stored in a readable or encrypted format.
If you could provide me with more details then i will try and help.
About creating a link and sending it to the user, you can get the userid from the Database and use it to generate a unique number or generate a new GUID, store it somewhere with the userid and validate it when user comes to your website by clicking on the
link.
akiraan
0 Points
4 Posts
Password Recovery : Sending a link in email instead of password in clear text.
May 09, 2012 07:23 AM|LINK
Hi,
I am using Password recovery control in asp.net. By default it sends the password as clear text to the user's mailbox.
My requirement is to send a link(which expires in 1 day) to the user's mailbox.
Pls help me in this.
niceastham
Member
645 Points
175 Posts
Re: Password Recovery : Sending a link in email instead of password in clear text.
May 09, 2012 12:46 PM|LINK
I have never used this control, as i normally have to use a custom security model.
What will the link do? If the link should then direct the user to a page to show them the new password, this is bad practice as the password should not be stored in a readable or encrypted format.
If you could provide me with more details then i will try and help.
Thanks, nic
niceastham
Member
645 Points
175 Posts
Re: Password Recovery : Sending a link in email instead of password in clear text.
May 09, 2012 12:47 PM|LINK
And when i say "not readable or encrypted", i mean it should be hashed which is one way ;)
nijhawan.sau...
All-Star
16460 Points
3178 Posts
Re: Password Recovery : Sending a link in email instead of password in clear text.
May 09, 2012 12:57 PM|LINK
http://stackoverflow.com/questions/1041181/password-recovery-without-sending-password-via-email
akiraan
0 Points
4 Posts
Re: Password Recovery : Sending a link in email instead of password in clear text.
May 10, 2012 04:01 AM|LINK
Nic,
The link will redirect to a page where the user can enter a new password.
The link which i am sending through Email must have a unique GUID which i can cross check before loading the page.
akiraan
0 Points
4 Posts
Re: Password Recovery : Sending a link in email instead of password in clear text.
May 10, 2012 04:06 AM|LINK
Saurabh Nijhawan,
Thanks for the link. This is what i need exactly.
But i am looking for the code.
Can anyone provide the code for this?.
nijhawan.sau...
All-Star
16460 Points
3178 Posts
Re: Password Recovery : Sending a link in email instead of password in clear text.
May 10, 2012 04:53 AM|LINK
Here's a code sample.
About creating a link and sending it to the user, you can get the userid from the Database and use it to generate a unique number or generate a new GUID, store it somewhere with the userid and validate it when user comes to your website by clicking on the link.
http://www.codeproject.com/Articles/15693/Password-Recovery
akiraan
0 Points
4 Posts
Re: Password Recovery : Sending a link in email instead of password in clear text.
May 25, 2012 12:39 PM|LINK
I got the solution...
Thank u...