[geeklog-devel] Lost password
dirk at haun-online.de
Mon May 5 10:05:25 EDT 2003
Simon Lord <slord at marelina.com> wrote:
>How do we address an ass that wants to be a pain and sits patiently
>entering usernames into the lost password form requesting new passwords
>for as many users as they can?
Okay, obviously nobody saw my posting over at geeklog-devtalk, so here's
>When you request a new password (via the "forgot password" link, as
>usual), you will receive an email with a unique link in it. Following
>this link will allow you to enter a new password directly.
>This is a first implementation, so it's lacking things like speed limits
>and an auto-expiry of the unique link. I would like to see some comments
>on the overall handling, though, please.
Most of this made it into CVS this morning, btw.
I will be adding a speed limit to this, too. But the beauty of the new
solution is that you can simply ignore the emails and your password will
More information about the geeklog-devel