>> 1. When the user presses the reset pass button on a valid user, generate
>> a random password.
>> 2. Store it in a special field in the User object (rpass?) along
>> with the date on which that random pass was generated (rdate?)
>> 3. Send it to the user in an email like this:
>> Subject: Password reset for user (username) at (name-of-the-site)
> The only problem I see is sending the new password in an unencrypted
From my experience, I consider generating a password and sending it in
an email very bad. Happened to me once, when I set up an account with
a quite big VPS provider and they did this. I sent them an email
complaining about it and they said it was standard practice and that I
shouldn't worry. Only two weeks after I got the hosting with
them, they got hacked and all their servers wiped out. A lot of people
On the other hand, as far as I remember, the "standard" picolisp way of
storing passwords in plain text and even sending them to the user
editing dialog is even worse.
I would suggest changing the standard picolisp password handling
completely. Use bcrypt and store only a hash and salt. Never send and
display the password anywhere, and for forgotten passwords use a simple
validation sequence. You can try something like that at
http://logand.com/sw/ondoc/index.html after "Sign up" and then "Change
password". The only way I can see this to be secured further would be
to use https.
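The scheme the reply above argues for (store only a salt and a slow hash, never send or display the password, and handle forgotten passwords with a validation sequence rather than a mailed password), as an added example that is not code from the thread or from PicoLisp itself. It is Python, not PicoLisp, and uses PBKDF2 from the standard library in place of the bcrypt the post recommends, so it runs without a third-party package; `bcrypt.hashpw`/`bcrypt.checkpw` would be the drop-in swap. The in-memory `users` dict, the field names `rtoken`/`rdate` (mirroring the `rpass`/`rdate` idea from the quoted proposal, except that only a hash of a random token is stored, not a password), the TTL and the iteration count are all assumptions for illustration.

```python
import hashlib
import hmac
import os
import secrets
import time
from typing import Optional

# Assumed parameters (not from the thread): PBKDF2-HMAC-SHA256 iteration count
# and how long a reset token stays valid, in seconds.
PBKDF2_ROUNDS = 100_000
RESET_TTL = 3600

# Constructed in-memory user store; stands in for the PicoLisp User object.
# A record holds salt + password hash and, while a reset is pending, the
# hash of the reset token plus the time it was issued. Never the password.
users = {}


def hash_password(password: str, salt: Optional[bytes] = None):
    """Return (salt, digest); a fresh random salt is drawn when none is given."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, stored)  # constant-time comparison


def register(username: str, password: str) -> None:
    salt, digest = hash_password(password)
    users[username] = {"salt": salt, "hash": digest, "rtoken": None, "rdate": None}


def login(username: str, password: str) -> bool:
    user = users.get(username)
    if user is None:
        hash_password(password)  # burn the same time for unknown users
        return False
    return verify_password(password, user["salt"], user["hash"])


def start_reset(username: str, now: Optional[float] = None) -> Optional[str]:
    """Issue a one-time reset token.

    Returns the token that goes into the e-mailed link, or None for an unknown
    user; the web layer should answer both cases with the same message. Only
    a hash of the token is stored, so a database leak does not expose live
    reset links.
    """
    user = users.get(username)
    if user is None:
        return None
    token = secrets.token_urlsafe(32)
    user["rtoken"] = hashlib.sha256(token.encode("ascii")).digest()
    user["rdate"] = time.time() if now is None else now
    return token


def finish_reset(username: str, token: str, new_password: str,
                 now: Optional[float] = None) -> bool:
    """Validate the token (exists, unexpired, matches) and set a new password."""
    user = users.get(username)
    if now is None:
        now = time.time()
    if user is None or user["rtoken"] is None:
        return False
    if now - user["rdate"] > RESET_TTL:
        user["rtoken"] = user["rdate"] = None  # expired: discard it
        return False
    presented = hashlib.sha256(token.encode("ascii")).digest()
    if not hmac.compare_digest(presented, user["rtoken"]):
        return False
    user["salt"], user["hash"] = hash_password(new_password)
    user["rtoken"] = user["rdate"] = None  # single use
    return True


if __name__ == "__main__":
    register("alice", "correct horse battery")
    tok = start_reset("alice")
    print("mail link token:", tok)                       # the only thing that leaves the server
    print("reset ok:", finish_reset("alice", tok, "new secret"))
    print("login with new password:", login("alice", "new secret"))
```

The e-mail now carries a random, short-lived, single-use token rather than a password; an attacker who reads the mail later (or dumps the user table) gets nothing reusable, and the token is only worth anything over the HTTPS link that completes the reset.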