[geeklog-devel] Lost password

Dirk Haun dirk at haun-online.de
Mon May 5 10:05:25 EDT 2003


Simon Lord <slord at marelina.com> wrote:

>How do we address an ass that wants to be a pain and sits patiently 
>entering usernames into the lost password form requesting new passwords 
>for as many users as they can?

Okay, obviously nobody saw my posting over at geeklog-devtalk, so here's
a quote:

>    http://project.geeklog.net/~dhaun/
>
>When you request a new password (via the "forgot password" link, as
>usual), you will receive an email with a unique link in it. Following
>this link will allow you to enter a new password directly.
>
>This is a first implementation, so it's lacking things like speed limits
>and an auto-expiry of the unique link. I would like to see some comments
>on the overall handling, though, please.

Most of this made it into CVS this morning, btw.

I will be adding a speed limit to this, too. But the beauty of the new
solution is that you can simply ignore the emails and your password will
remain intact.

bye, Dirk


-- 
http://www.haun-online.de/
http://www.macosx-faq.de/




More information about the geeklog-devel mailing list