On 5/25/2010 12:35 AM, V.Krishn wrote:
Somehow I think sha1($email.$username.$password) should be sufficient.
Secondly,
As no user info(including email) is stored on server,
what would be the method to resend new password when lost?
You would never resend a password, but would rather reset it. So if the
email address is not stored, then basically follow the same process as
initial sign up.
Note, I'm not suggesting there is no need to store email. Simply
highlighting it's not needed for password resets.
~ ~ Dave
_______________________________________________
pmwiki-users mailing list
[email protected]
http://www.pmichaud.com/mailman/listinfo/pmwiki-users
