Page 1 of 1

Your opinion about Changing password

Posted: Wed Mar 30, 2005 5:16 am
by snicolas
Hi all,

I need to create a "Change your password" page for the site currently running.
I would like to add a "level of security" to it, but I am not sure exactely what to go for.
I was wondering if you could advice on method you are using to make this secure and somethingthat works well.

thanks

s

Posted: Wed Mar 30, 2005 10:19 am
by feyd
lets see.. there's the simple "enter old password, enter new password, enter new password again" .. You can require the new password request pass through their email, providing a unique, one time use, link that allows changing of their password... Or require them to contact you, where you either activate an automated acceptance, or manually edit it..

Posted: Wed Mar 30, 2005 10:24 am
by Maugrim_The_Reaper
Link by email is generally secure assuming they initially provided a genuine email account. If they haven't - or registration required no email address confirmation - this won't help them of course.