> What's the best way to send an email to members of a site > with a link that will log them right in if they click it? > This is what I've been asked to provide, but isn't it > insecure?
Yes, by itself, that would be insecure, and not securable in any meaningful sense. However, if your members had client certificates, those could be used to secure the login process in conjunction with SSL on your server. You could encrypt the contents of the email to prevent third parties from reading it in transit, but there are no universal standards for that, so it probably won't work very well. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Get the mailserver that powers this list at http://www.coolfusion.com Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
