Registration-what is more safe?

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
User avatar
feinstimmer
Forum Newbie
Posts: 19
Joined: Thu Dec 07, 2006 8:36 am

Registration-what is more safe?

Post by feinstimmer »

I made two scripts with different ways of registrating users:
by only validating email addres (sending validation email) which is posted in reg. form (user make passw.himself) and
second is by generating password and sending it on posted email addres

Which sistem is more safe(basicly)?
Thanks in advance!!
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Both are about as equal as it can get in my book.
User avatar
Nathaniel
Forum Contributor
Posts: 396
Joined: Wed Aug 31, 2005 5:58 pm
Location: Arkansas, USA

Post by Nathaniel »

I don't see either one as inherently "safer."

Emailing the password has the benefit of not requiring a script which activates the user account when someone clicks the link in his email.
User avatar
feinstimmer
Forum Newbie
Posts: 19
Joined: Thu Dec 07, 2006 8:36 am

Post by feinstimmer »

Thanks!! At the end i stick with simplyer.
Post Reply