David, That is good idea. Nancy, E-mail is best way to handover the password to the user.Most of the on-line websites following this approach. Please follow the same.
Regards, Velmurugan P Java Team. ----- Original Message ----- From: "Karr, David" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, April 02, 2003 3:11 AM Subject: Re: How to hand in the passwords to users [urgent!] > Ah, ok, that's another occasional scenario. > > A good way to resolve this is to have either the student id or their web > site registration associated with an email address. The registration > for the web site will construct a random password and email it to the > user. The user can't log in until they get the password from their > email. They can't get the password unless they can get to the email > account for that student id (or the address they enter for the > registration). > > > -----Original Message----- > > From: Nancy Crisostomo Martinez [mailto:[EMAIL PROTECTED] > > > > Thanks David, > > Not exactly, > > > > My application is some kind of schoolar system. In it the students > could > > find all > > their schoolar information by their own. Yor know, grades, schedules, > > finantial > > information, etc.. So the user id is given by their student id... so > that > > is > > clear... but the problem begin because we need to give their passwords > to > > enter to > > the site.... We don't want to give a general password for all, because > > some 'bad' > > friends of some students could know his/her student id and enter to > the > > site with > > the general password and do some 'changes'... > > We need some help to find the most secure way to hand in or to let the > > users know > > their password to enter to the site. > > > > Thanks! > > > > Nancy > > > > "Karr, David" wrote: > > > > > Your requirements aren't quite clear, but it sounds like your > > > application security would look like most online vendor sites, where > the > > > user self-registers themselves, deciding on their own password, but > they > > > can't get into the rest of the site until they accomplish that. Is > that > > > what you're looking for? > > > > > > > -----Original Message----- > > > > From: Nancy Crisostomo Martinez [mailto:[EMAIL PROTECTED] > > > > > > > > I'm trying to entablish the best way to hand in their own user_id > and > > > > password to the 3000 users of an applicattion developed. > > > > > > > > I don't know which could be the best way to do this without > forgetting > > > > the security because each user has some confidential information > in > > > > his/her session. > > > > > > > > Could you please help me? > > > > Any clue could help me! > > > > Thanks in advance! > > > > > > > > > ======================================================================== > == > > = > > > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff > JSP- > > INTEREST". > > > For digest: mailto [EMAIL PROTECTED] with body: "set > JSP-INTEREST > > DIGEST". > > > > > > Some relevant archives, FAQs and Forums on JSPs can be found at: > > > > > > http://java.sun.com/products/jsp > > > http://archives.java.sun.com/jsp-interest.html > > > http://forums.java.sun.com > > > http://www.jspinsider.com > > > > > ======================================================================== > == > > = > > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP- > > INTEREST". > > For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST > > DIGEST". > > > > Some relevant archives, FAQs and Forums on JSPs can be found at: > > > > http://java.sun.com/products/jsp > > http://archives.java.sun.com/jsp-interest.html > > http://forums.java.sun.com > > http://www.jspinsider.com > > =========================================================================== > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". > For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". > > Some relevant archives, FAQs and Forums on JSPs can be found at: > > http://java.sun.com/products/jsp > http://archives.java.sun.com/jsp-interest.html > http://forums.java.sun.com > http://www.jspinsider.com > ==========================================================================To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST". For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST". Some relevant archives, FAQs and Forums on JSPs can be found at: http://java.sun.com/products/jsp http://archives.java.sun.com/jsp-interest.html http://forums.java.sun.com http://www.jspinsider.com
