thanks james ... your answer leads to more questions: 1. so what do you do when a user forgot his password? you obviously can´t email it, so you have to set a new one. that seems a little complicated (for the user). 2. the user should set his own password, I agree. but that doesn´t mean, I´m not going to send it ... does it?
so what´s the preferred solution here? the user sets his own password and writes it down somewhere (because I ´m not able to send it - I´m not sending the password before the user activates his account, of course). and when he lost his password, we have to set a new one ... ? I´m not sure I really get the idea here. one solution might be to store the raw password somewhere (extending the user model) - but that ´s also very strange. on the other hand, that seems to be a very common task/problem ... I´m confused ... patrick Am 18.07.2006 um 19:42 schrieb James Bennett: > > On 7/18/06, va:patrick.kranzlmueller <[EMAIL PROTECTED]> > wrote: >> since the password is stored encrypted, I´m not sure how to send it. > > There isn't any way to get at the 'raw' password once it's been > encrypted; you'll need to work around this by emailing the password > before it's encrypted, or by having the user set their own password > during registration (which is arguably more secure than emailing it). > > > -- > "May the forces of evil become confused on the way to your house." > -- George Carlin > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---
