On Sunday 26 September 2004 19:45, Stuart Felenstein wrote:

> While I'm okay with mine, not completely satisfied.
> I'd like to change it to the type where like above the
> username and password is sent via email, but with the
> addition of a link in the email whereby the user must
> click on link to be "activated".  You probably have
> seen this, but to spell it out - even though they have
> the user name and password it somehow is not good
> enough to login with until this "activation" takes
> place.

Can someone please enlighten me on what extra security this method provides 
over and above the following more simple methods:

- Send user a system generated password with which they can login and 
subsequently change.

- Send user an activation link which once clicked on would activate them and 
allow them to choose a password.

Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
Search the list archives before you post
Believe everything you hear about the world; nothing is too impossibly bad.
                -- Honor'e de Balzac

PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to