Hi Alex,

>> 1. When the user presses the reset pass button on a valid user, generate
>> a random password.
>> 2. Store it in a special field in the User object (rpass?) along
>> with the date on which that random pass was generated (rdate?)
>> 3. Send it to the user in an email like this:
>> Subject: Password reset for user (username) at (name-of-the-site)
>> ...
>
> The only problem I see is sending the new password in an unencrypted
> email.

From my experience, I consider generating a password and sending it in an email very bad. Happened to me once, when I set up an account with a quite big VPS provider and they did this. I sent them an email complaining about it and they said it was standard practice and that I shouldn't worry. Only two weeks after I got the hosting with them, they got hacked and all their servers wiped out. A lot of people weren't happy.

On the other hand, as far as I remember, the "standard" picolisp way of storing passwords in plain text and even sending them to the user editing dialog is even worse. I would suggest changing the standard picolisp password handling completely. Use bcrypt and store only a hash and salt. Never send and display the password anywhere, and for forgotten passwords use a simple validation sequence. You can try something like that at http://logand.com/sw/ondoc/index.html after "Sign up" and then "Change password".

The only way I can see this to be secured further would be to use https.

Cheers,

Tomas
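The flow Tomas suggests, as an added example that is not part of this thread or of picolisp: a slow salted password hash is stored instead of the password, and a forgotten password is handled with a one-time, expiring reset token whose hash is kept in the user record (the `rtoken`/`rdate` fields, the in-memory `users` store and the use of scrypt in place of bcrypt are assumptions of this example).

```python
"""Password reset that never e-mails a password (constructed example)."""
import hashlib
import hmac
import os
import secrets
import time

TOKEN_TTL = 3600          # reset links expire after one hour
users = {}                # constructed in-memory store: name -> record dict


def hash_secret(secret: str, salt: bytes) -> bytes:
    # scrypt stands in for bcrypt here; both are deliberately slow salted hashes
    return hashlib.scrypt(secret.encode(), salt=salt, n=2**14, r=8, p=1)


def create_user(name: str, password: str) -> None:
    salt = os.urandom(16)
    users[name] = {"salt": salt, "pw": hash_secret(password, salt),
                   "rtoken": None, "rdate": None}


def check_login(name: str, password: str) -> bool:
    u = users.get(name)
    if u is None:
        return False
    return hmac.compare_digest(hash_secret(password, u["salt"]), u["pw"])


def start_reset(name: str, now: float):
    """Return the one-time token to embed in the e-mailed link, or None."""
    u = users.get(name)
    if u is None:
        return None        # the HTTP response should look the same either way
    token = secrets.token_urlsafe(32)
    # only a hash of the token is stored, so a leaked database cannot replay it
    u["rtoken"] = hashlib.sha256(token.encode()).digest()
    u["rdate"] = now
    return token


def finish_reset(name: str, token: str, new_password: str, now: float) -> bool:
    u = users.get(name)
    if u is None or u["rtoken"] is None or now - u["rdate"] > TOKEN_TTL:
        return False
    if not hmac.compare_digest(hashlib.sha256(token.encode()).digest(), u["rtoken"]):
        return False
    u["rtoken"] = u["rdate"] = None          # single use
    u["salt"] = os.urandom(16)               # fresh salt with the new password
    u["pw"] = hash_secret(new_password, u["salt"])
    return True
```

The e-mail then carries only the link with the token; the password itself is chosen by the user over HTTPS on the page the link opens.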
