View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

Is there a tutorial for validating a user in order to send them their password?

Thread began 1/03/2010 12:23 am by Stevebo | Last modified 1/14/2010 12:31 pm by Stevebo | 2803 views | 20 replies

Stevebo

Remember that they aren't entering a secret question, they are entering a secret answer that is associated with their email address. I need their email address so that I can retrieve the secret question from their profile in the database in order to prompt them for their secret answer.

I like the idea of validating all three things at once (email address, secret question, and secret answer), but how will they know the secret question they selected when they set up their profile at the same time they are supplying their email address? That's the part I must be missing since it seems that I'd have to validate their email address in order to retrieve their secret question from the database for that email address and then to display it to them so that they could enter their secret answer. I'm only validating against their email address and secret answer, the secret question is required as a reminder for their secret answer.

The assumption that a secret question and answer can be easily guessed isn't correct. Although I gave an example such as "What is the name of your favorite pet?" (which is not necessarily an easy-to-guess question), our questions are actually a lot more stringent than that. We are dealing with secret questions that have to do with billing account number, customerID numbers, etc. That info is considered to be proprietary info that is not supposed to be accessible outside of our company and theirs.

By the way, it's about security more than anything else when it comes to requesting a password. They won't be jumping through hoops all the time, just when they forget their password. If you want to see an example of complexity, log into your Paypal account if you have one and click on forgot password. We are doing something somewhat similar.

steve

p.s. thanks for bearing with me on this. I didn't want to get into the details too much due to an NDA, but I can tell you more in a private email if you'd like a better understanding of what we are running in to.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...