Reset password facility

I have used a sha256 hashing algorithm in order to provide some
security to my login facility. I now want to create a facility
whereby, if the user forgets their password, they are emailed a
temporary password so that they can login. Has anyone had any
experience implementing this?

Generally if you’re using a hash to store the password, then you will need to send users to a page where they can enter a new password.
You can do this by generating a temporary token (random value) that you include in a url you mail to the user and set it to expire within a few minutes of being generated. Make sure it’s enough time for the password to be reset.

Andrew Timberlake
http://ramblingsonrails.com
http://www.linkedin.com/in/andrewtimberlake

“I have never let my schooling interfere with my education” - Mark Twain

Lovd does just that, take a look at:

lovdbyless.com

http://github.com/stevenbristol/lovd-by-less/tree/master

Cheers, Sazima

Cheers Sazima thats a great help!