El Wed, 27 Oct 2010 01:00:38 +0800
Boh Yap <bhy...@gmail.com> escribi=C3=B3:
> send 2 emails, the 1st informing that passwd reset is activated and a
> following email will contain the temp. passwd.
> then send the passwd in the 2nd email. And if the 2nd email does not
> mention an acct name, then its reasonably safe.
That hurts usability, besides, if someone is logging your email you're
in trouble anyway. Most sites send an special link to activate the
account reset, that is at most as safe as the method i detailed, and
mine isn't significantly harder to use, and it's easier to implement!
Also note that the random password is not permanent, it loses validity
after certain time (i suggested 24 hours, but you can make it as
little as 1 hour or a few minutes if you're paranoid) OR if you log in
(be it with your normal password or after using the reset), that way
abuse of the feature is less problematic on active accounts (the ones
that are most worth probably, anyway). You can also introduce blocks to
the button if it presents a problem (for example, you can only request a
reset every 2 days). But, really, only add that kind of complexity if
abuse proves to be a problem, no need to overengineer it :3