| Re: Most secure way to reset a password via email link [message #185162 is a reply to message #185160] |
Wed, 05 March 2014 16:34   |
Gregor Kofler
Messages: 69
Registered: September 2010
Karma:
|
Member |
|
|
Am 05.03.2014 16:54, jvd_200089(at)yahoo(dot)co(dot)uk meinte:
> On Wednesday, 5 March 2014 15:35:30 UTC, The Natural Philosopher wrote:
>> Then always use https to avoid man in the middle attacks
>
> Yes, email link will point to https:// but when using SSL what wrong with just redisplaying the password on the screen (after answer further security questions) because the data sent between server and client will by encrypted whereas an email to a standard pop3 email account won't be (or can you send SLL to a standard email)?
TLS will encrypt mails. Provided by practically all contemporary mail
servers and clients.
Gregor
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]