Hi Dulanja,
> There can be a requirement where the system forces the user to change the > password, but at the same time give him the option to use the old password. > I've seen some financial organizations doing this. > >> >>> IMO, letting use of one of old password again creates a security threat. Isn't it? Regards, -- *Milan Perera *| Software Engineer WSO2, Inc | lean. enterprise. middleware. #20, Palm Grove, Colombo 03, Sri Lanka Mobile: +94 77 309 7088 | Work: +94 11 214 5345 Email: [email protected] <[email protected]> | Web: www.wso2.com <http://lk.linkedin.com/in/milanharinduperera>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
