From: "Matt Schroebel" <MSchroebel@hsus.org>
>
> 1. Make up a random new password, PASSWORD() it, save it to the db while
> also setting the password expiration date to 20 minutes in the future,
> and setting a 'must change password flag', and mail the un-encrypted
> password along with a link to change it.

AAAHHH!!! Don't do that. Do that and I'll write a little PHP script that'll go through and change the password for every user you've got. Sure, they'll get the password in the email (hope their email address is valid), but can you imagine the PITA that would be?

Send them a link saying "you've requested to change / retrieve your password" with a link to click on. Explain to them that if they did not request this, they can delete this email and their password will remain unchanged. Clicking on the link has a unique ID that identifies who the user is (you set this ID when they request the change/retrieval). Now, since you know they got the email and they clicked on the link, you can safely assume it's them (although you could ask a few simple questions) and let them set a new password. Only then do you update it.

Passwords shouldn't be sent over email, only links to change the password. The ID is tied to a certain time, so that if after X minutes, the link isn't clicked, the request times out.

---John Holmes...

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
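The flow John describes (a random ID tied to the user and to a time limit, the password changed only when the link is clicked), as an added PHP example that is not code from the thread. It uses PDO with an in-memory SQLite database; the table layout, the 20-minute window and storing only a hash of the token are assumptions.

```php
<?php
// Added example, not from the thread: one-time, time-limited reset links.
// Table names and the 20-minute window are assumptions for illustration.
const RESET_TTL_SECONDS = 20 * 60;

function setupDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE, pw_hash TEXT)');
    // Only a hash of the token is stored, so a copied table yields no usable links.
    $db->exec('CREATE TABLE resets (token_hash TEXT PRIMARY KEY, user_id INTEGER, expires INTEGER)');
    return $db;
}

// Step 1: the user asks for a reset. The password is left untouched; a random token
// is generated and its hash saved with an expiry. Returns the raw token for the link.
function requestReset(PDO $db, string $email, int $now): ?string {
    $stmt = $db->prepare('SELECT id FROM users WHERE email = ?');
    $stmt->execute([$email]);
    $userId = $stmt->fetchColumn();
    if ($userId === false) {
        return null;   // unknown address: respond to the caller exactly as if it existed
    }
    $token = bin2hex(random_bytes(32));   // 256 random bits: not guessable or enumerable
    $db->prepare('INSERT INTO resets (token_hash, user_id, expires) VALUES (?, ?, ?)')
       ->execute([hash('sha256', $token), (int)$userId, $now + RESET_TTL_SECONDS]);
    return $token;
}

// Step 2: the link is clicked. Only now, with a valid unexpired token, is the
// password changed. The token row is deleted first so the link works exactly once.
function completeReset(PDO $db, string $token, string $newPassword, int $now): bool {
    $tokenHash = hash('sha256', $token);
    $stmt = $db->prepare('SELECT user_id, expires FROM resets WHERE token_hash = ?');
    $stmt->execute([$tokenHash]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    $db->prepare('DELETE FROM resets WHERE token_hash = ?')->execute([$tokenHash]);
    if ($row === false || (int)$row['expires'] < $now) {
        return false;   // unknown, already used or expired link: nothing changes
    }
    $db->prepare('UPDATE users SET pw_hash = ? WHERE id = ?')
       ->execute([password_hash($newPassword, PASSWORD_DEFAULT), (int)$row['user_id']]);
    return true;
}

// Constructed demo: an expired link is refused, a fresh one sets the password once.
$db = setupDb();
$db->prepare('INSERT INTO users (email, pw_hash) VALUES (?, ?)')->execute(['alice@example.com', password_hash('old-secret', PASSWORD_DEFAULT)]);
$token = requestReset($db, 'alice@example.com', time());
var_dump(completeReset($db, $token, 'new-secret', time() + RESET_TTL_SECONDS + 1)); // bool(false)
$token = requestReset($db, 'alice@example.com', time());
var_dump(completeReset($db, $token, 'new-secret', time())); // bool(true)
```

Whether the address was found or not, the request handler should send the same response, so the reset form cannot be used to discover which addresses have accounts.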