Perl Guru Forums: Need a Custom or Prewritten Perl Program?: I need a program that...: Handling password resetting on a web site?

CGI/Perl Guide | Learning Center | Forums | Advertise | Login

Site Search: in


	MAIN INDEX	SEARCH POSTS	WHO'S ONLINE	LOG IN

Home: Need a Custom or Prewritten Perl Program?: I need a program that...:
Handling password resetting on a web site?

srhadden
Novice

Mar 2, 2012, 12:48 PM

Post #1 of 2 (28540 views)

Handling password resetting on a web site?	Can't Post

I'm not wanting to re-invent something very common.

I have a web site in development. I want the user to be able to request a forgotten password.

Is there any tutorial on doing this? Otherwise I guess I can straight up write something simple as a first draft.

I don't keep the passwords in plain text, so I can't decrypt them as far as I know. So I think I have to generate a new password and then have an email with a link that takes them to a "change password now" page.

Any tips would be great.

Zhris
User

Apr 5, 2012, 1:40 PM

Post #2 of 2 (26377 views)

Re: [srhadden] Handling password resetting on a web site? [In reply to]	Can't Post

Hi,

Your plan is the route I would probably go. If you are developing the website yourself, you will likely need to design the forgotten password code to integrate into your current system, therefore custom code would be preferable.

An alternative would be to email the user a "one time" password, which expires after say 24 hours. Upon logging in with this one time password, they are asked to provide a new password. I would also store / check the users IP upon request / on change just to be extra secure.

Chris

Search for (options)

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives