Your opinion about Changing password

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
snicolas
Forum Commoner
Posts: 97
Joined: Tue Nov 09, 2004 8:32 am

Your opinion about Changing password

Post by snicolas »

Hi all,

I need to create a "Change your password" page for the site currently running.
I would like to add a "level of security" to it, but I am not sure exactely what to go for.
I was wondering if you could advice on method you are using to make this secure and somethingthat works well.

thanks

s
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

lets see.. there's the simple "enter old password, enter new password, enter new password again" .. You can require the new password request pass through their email, providing a unique, one time use, link that allows changing of their password... Or require them to contact you, where you either activate an automated acceptance, or manually edit it..
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Link by email is generally secure assuming they initially provided a genuine email account. If they haven't - or registration required no email address confirmation - this won't help them of course.
Post Reply