[geeklog-devel] Lost password
Dirk Haun
dirk at haun-online.de
Mon May 5 10:05:25 EDT 2003
Simon Lord <slord at marelina.com> wrote:
>How do we address an ass that wants to be a pain and sits patiently
>entering usernames into the lost password form requesting new passwords
>for as many users as they can?
Okay, obviously nobody saw my posting over at geeklog-devtalk, so here's
a quote:
> http://project.geeklog.net/~dhaun/
>
>When you request a new password (via the "forgot password" link, as
>usual), you will receive an email with a unique link in it. Following
>this link will allow you to enter a new password directly.
>
>This is a first implementation, so it's lacking things like speed limits
>and an auto-expiry of the unique link. I would like to see some comments
>on the overall handling, though, please.
Most of this made it into CVS this morning, btw.
I will be adding a speed limit to this, too. But the beauty of the new
solution is that you can simply ignore the emails and your password will
remain intact.
bye, Dirk
--
http://www.haun-online.de/
http://www.macosx-faq.de/
More information about the geeklog-devel
mailing list