The way it's written, it doesn't look like an email is part of the plan; just answer the question and you're logged in and allowed to change your password.
Sending the person an email is definitely not going to be such a security risk (such as the way IxDA.org handles log-ins). This won't work in every situation however. In creating an elearning site for state highway maintenance workers, I found that many of the students either didn't have an email address or didn't know how to check their email address if they did have one. In this case, using email as the sole means of any communication wasn't an option, so we stayed with the password / confirm password method. If email isn't an option (or maybe I'm missing something else), then it seems like this proposed alternative is a question/secret answer solution and a security issue. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Posted from the new ixda.org http://www.ixda.org/discuss?post=31190 ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... [EMAIL PROTECTED] Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help
