Re: Rejoice! No more editing hashes when creating users

[Ian Holsman]

On 04/08/2006, at 3:37 PM, Malcolm Tredinnick wrote: On Fri, 2006-08-04 at 15:13 +1000, Ian Holsman wrote: [...] I like the idea of a change password view,  could I twist your arm a bit and make it a  'generate random password and email it to the user view' instead of 'set password' ? and possibly have the email point the user to a view to allow them to manually set it themselves? this way the admin doesn't need to know what the password is, and you get to verify the email at the same time. I'm -1 on this. It's a lot of extra complexity just for creating a user. It's not a universal assumption that we care that the email is correct, for example. Malcolm fair enough. i just hate having 'welcome' as a default password (which is what admins usually set it to for some reason) .. it's such a security hole it's not funny. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---