Hi, We are going to implement an one time password (OTP) feature for identity server. Basically this would generate a new password when user login to the system each time and send it to the user by email. Since the user needs to know the next password, it has to be readily available to the user. This creates a security issue if the user's email account is compromised.
WDYT on the ways/mechanisms of securely providing the password to the user by email? Has any Wso2 product already implemented similar feature? Thanks, -- Best Regards, Chamath Gunawardana Technical Lead; WSO2 Inc. Mobile : +94776322240
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
