but I think it's better to send a secret url to the user via email which leads to a script that allows the user to change the password. Otherwise you could annoy other users by entering there email address and getting their password reset.
To be elegent the secret url should expire after 48 hours or some similar time period.
On 8/22/06, Alexandre LEGOUT <
[EMAIL PROTECTED]> wrote:
Start to be off-topic, but I would say it is still possible to keep an
account with hashed password if a script generate a new random pass,
send it by email, then hash it and stores it... ;) Secure and simple...
Bye
Nicolas Cannasse a écrit :
>> Hi man,
>>
>> The easiest thing, unfortunately, is to create a new account.
>> Dokuwiki -- as amazing at it might seem -- doesn't have a password
>> recovery feature! This is something we will be addressing in the next
>> round of development.
>>
>> Take care + thanks,
>> Aral
>>
>
> The reason is pretty simple : Dokuwiki does not store the password "in
> clear" but as a hashing value, so it can only check the password
> validity but does not know its exact value. Password recovery is then an
> impossible feature ;)
>
> Nicolas
>
> _______________________________________________
> osflash mailing list
> [email protected]
> http://osflash.org/mailman/listinfo/osflash_osflash.org
>
>
>
_______________________________________________
osflash mailing list
[email protected]
http://osflash.org/mailman/listinfo/osflash_osflash.org
_______________________________________________ osflash mailing list [email protected] http://osflash.org/mailman/listinfo/osflash_osflash.org
