I have a Forgot my password page where the user enters his/her email. How can I prevent someone from entering different email addresses trying to guess them or spamming my users?
Is there like an IP-based time expiring strategy you would suggest? -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
