On 19/01/2010 14:44, Tompkins Neil wrote:
Hi All,
Following on from my earlier email - I've the following question now :
I can enforce that the user can't use the same password as the previous four
- when they change their password. However, the user can manipulate this by
changing the password four times and then resetting back to there original
password. How would I overcome this problem ? Any thoughts or
recommendations ?
Store the date/time that the password was changed, and as well as not
alllowing one within the past four passwords you can also disallow one
that was last used within the past N days, for whatever value of N you
prefer.
Mark
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=arch...@jab.org
