Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › MySQLi Server Behaviors › MySQLI Server Behaviors General / Announcements › Advice on creating a "Forgotten Password?" function?

View all replies to this thread

Advice on creating a "Forgotten Password?" function?

Thread began 1/30/2017 2:17 pm by Nathon Jones Web Design | Last modified 2/03/2017 12:12 pm by Nathon Jones Web Design | 2887 views | 8 replies

1/30/2017 2:17 pmNathon Jones Web Design

Advice on creating a "Forgotten Password?" function?

I need to add a "Forgotten Password" option to a sign in form which, as I understand, is best if you simply reset the password as opposed to sending it to the user by e-mail, which could be intercepted. Right?

1) Sign in page
2) Sign in fails - display link to Reset Password page
3) Ask user to enter email address to reset their password. Upon submission, the system writes a temporary password to database and e-mails it to the e-mail address.
4) User receives an e-mail with a link to a page that asks them to log in using the temporary password displayed in that e-mail.
5) Once logged in, they are forced to reset the password to something else - in case the reset password e-mail is intercepted.

Is that the best approach?

How do I generate a random password in Step 3 above?

Thank you.
NJ

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.