On Wed, 27 Oct 2010 01:00:38 +0800 Boh Yap <bhy...@gmail.com> wrote:
> hi,
>
> send 2 emails, the 1st informing that passwd reset is activated and a
> following email will contain the temp. passwd.
>
> then send the passwd in the 2nd email. And if the 2nd email does not
> mention an acct name, then it's reasonably safe.
>

That hurts usability; besides, if someone is logging your email you're in trouble anyway. Most sites send a special link to activate the account reset, that is at most as safe as the method I detailed, and mine isn't significantly harder to use, and it's easier to implement!

Also note that the random password is not permanent: it loses validity after a certain time (I suggested 24 hours, but you can make it as little as 1 hour or a few minutes if you're paranoid) OR if you log in (be it with your normal password or after using the reset). That way abuse of the feature is less problematic on active accounts (the ones that are most worth it, probably, anyway).

You can also introduce blocks to the button if it presents a problem (for example, you can only request a reset every 2 days). But, really, only add that kind of complexity if abuse proves to be a problem; no need to overengineer it :3

Cheers,
José
--
UNSUBSCRIBE: mailto:picol...@software-lab.de?subject=unsubscribe
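The scheme discussed in this thread, as an added worked example that is not code from the list or from José: a random temporary password that dies after a fixed window or on any successful login, plus a cooldown between reset requests. The class and function names, the SHA-256 stand-in for a real password hash, and the sample account are this example's own assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

RESET_TTL = 24 * 3600        # temp password lifetime; the thread suggests 24h
RESET_COOLDOWN = 2 * 86400   # min gap between reset requests; thread: every 2 days


def _h(secret: str) -> str:
    # Stand-in for a real password hash (argon2/bcrypt) to keep the example short.
    return hashlib.sha256(secret.encode()).hexdigest()


@dataclass
class Account:
    password_hash: str
    temp_hash: Optional[str] = None     # hash of the outstanding temp password
    temp_expires: float = 0.0           # absolute time after which temp is dead
    last_reset: float = -float("inf")   # when a reset was last requested


class ResetService:
    def __init__(self, accounts: Dict[str, Account]):
        self.accounts = accounts

    def request_reset(self, user: str, now: float) -> Optional[str]:
        """Issue a random temp password, or None if the cooldown has not elapsed.
        The caller emails the returned value; the mail need not name the account."""
        acct = self.accounts[user]
        if now - acct.last_reset < RESET_COOLDOWN:
            return None
        temp = secrets.token_urlsafe(12)   # unguessable, from the OS CSPRNG
        acct.last_reset = now
        acct.temp_hash = _h(temp)
        acct.temp_expires = now + RESET_TTL
        return temp

    def login(self, user: str, supplied: str, now: float) -> bool:
        """Accept the normal password or an unexpired temp password.
        Any successful login invalidates the temp password, as the thread proposes."""
        acct = self.accounts[user]
        given = _h(supplied)
        ok = hmac.compare_digest(given, acct.password_hash)
        if not ok and acct.temp_hash and now < acct.temp_expires:
            ok = hmac.compare_digest(given, acct.temp_hash)
        if ok:
            acct.temp_hash, acct.temp_expires = None, 0.0  # one-shot, per the thread
        return ok
```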