Presumably this is to allow a user access to an account after they've
forgotten their password. It would be much safer to generate a new random
password for them and send that to the email address you have on file, not
one they specify when the password is requested. You could also disable the
account until they click a confirmation link in an email.
Gareth Howells wrote:
> Presumably this is to allow a user access to an account after they've
> forgotten their password. It would be much safer to generate a new random
> password for them and send that to the email address you have on file, not
> one they specify when the password is requested. You could also disable the
> account until they click a confirmation link in an email.
>
> Gareth
But in this scenario, I can reset anybody's password and disable the account
just by giving his email address. And the target will have to activate it
every time.
Create a random token and mail them a link containing that. Only when
they use that link do you let them specify a new password or create one
for them.
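As an added illustration (not code from anyone in this thread) of the flow the last reply describes: requesting a reset changes nothing on the account, and only the holder of the mailed single-use, expiring token gets to set a new password. The domain, the 15-minute lifetime and the in-memory stores are assumptions.

```python
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlparse

TOKEN_TTL = 15 * 60  # assumed policy: a mailed reset link is valid for 15 minutes

def hash_password(pw, salt=None):
    # salted PBKDF2 (stand-in for argon2/scrypt); the salt is stored in front of the hash
    salt = salt if salt is not None else secrets.token_bytes(16)
    return salt + hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 200_000)

def check_password(email, pw):
    stored = users[email]["pw_hash"]
    return hmac.compare_digest(stored, hash_password(pw, stored[:16]))

# Constructed in-memory stores standing in for the user database and the mail server.
users = {"alice@example.invalid": {"pw_hash": hash_password("old-secret")}}
pending = {}  # sha256(token) -> (email, expiry); the raw token itself is never stored
outbox = []   # (recipient, link) pairs that the "mail server" would deliver

def request_reset(email, now=None):
    """Anyone may ask for a reset, but the account is untouched: the old password
    stays valid and the reply is the same whether or not the address is registered."""
    now = time.time() if now is None else now
    if email in users:
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        digest = hashlib.sha256(token.encode()).hexdigest()
        pending[digest] = (email, now + TOKEN_TTL)
        outbox.append((email, f"https://example.invalid/reset?token={token}"))
    return "If that address is registered, a reset link has been sent."

def complete_reset(token, new_password, now=None):
    """Only whoever received the mailed link can set a password: once, before expiry."""
    now = time.time() if now is None else now
    digest = hashlib.sha256(token.encode()).hexdigest()
    entry = pending.pop(digest, None)  # consumed on first use, valid or not
    if entry is None:
        return False
    email, expiry = entry
    if now > expiry:
        return False
    users[email]["pw_hash"] = hash_password(new_password)
    return True

def token_from_link(link):
    # demo helper: recover the token from the mailed URL as the user's browser would
    return parse_qs(urlparse(link).query)["token"][0]
```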