On Tue, Nov 15, 2011 at 3:11 PM, Bram de Jong <bram.dej...@gmail.com> wrote: > Hmm, > > We have 2 milion users and this isn;t really a good solution for us... > > Does anyone else have an alternative password-reset app which doesn't > use as many characters as the default one? > > - bram >
Beware of url-shorteners, if they throw away information then you are weakening the security of the URL. The one Eric suggested will only compress integers, so you would need to generate an id for each reset, which will have less address space than the md5 currently used. How are you presenting the URL? Obviously, in HTML emails this isn't an issue at all, simply link to the URL. In text emails, if the URL is presented on a single line, by itself, surrounded by angle brackets, all email clients should be able to handle it (apart from the broken ones of course!) Cheers Tom -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
