Re: Most secure way to reset a password via email link [message #185163 is a reply to message #185156]
Wed, 05 March 2014 17:53
J.O. Aho
Messages: 194 Registered: September 2010
On 05/03/14 14:02, jvd_200089(at)yahoo(dot)co(dot)uk wrote:
> When resetting a password:
> 1) Emailing a new password that the user then logs in with and resets is the simplest method for non-hashed passwords.
Then the password is stored in plain text. Even if the user who resets
the password is the owner of the account, someone who gets access to the
mail account will be able to get hold of the password (how many don't
keep those emails with passwords, just in case they would forget it?).
There is also the risk of quite a few people being able to read the
password, without access to the email account, on its way from the
system's mail server to the account owner's mail account.
This is bad, as Christoph already pointed out with his link to OWASP.
> 2) The other way involves sending a link for them to click on that redirects them to the password reset page but unless their email
> is secure anyone could click that link.
Sure, but you could use those really stupid questions like "what was
your mother's maiden name" to make it a bit more difficult to just hijack
the account when someone has taken over someone else's mail account.
> What is special about this 2nd way? Because that's how my boss wants it to work, and there is no point doing it that way if it isn't
> more secure than sending them a temporary new password.
You have less risk of storing the password in plain text, no one at
your company will be able to get hold of account passwords, and the
user will for sure set a password and be more likely to remember it.
> Also any source code examples for option 2 would be appreciated.
I think you can manage to solve it by yourself; just sit down for five
minutes and think about where to store the randomly generated string
which is part of the URL.
--
//Aho
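The reply above leaves the storage of the random string as an exercise. As an added example (not code from this thread or its participants), here is one way to handle it in Python: the emailed URL carries a random token, the server keeps only the token's SHA-256 hash together with an expiry, and a token is consumed on first use. The in-memory store, the one-hour lifetime and the function names are assumptions for illustration.

```python
import hashlib
import secrets
import time
from typing import Dict, Optional

TOKEN_TTL_SECONDS = 3600  # assumption: a reset link stays valid for one hour

# Constructed in-memory stand-in for a database table:
# sha256(token) -> {"user": user_id, "expires": unix_time}
# Only the hash is stored, so a leaked table does not yield usable reset links.
_reset_tokens: Dict[str, dict] = {}


def _digest(token: str) -> str:
    """One-way fingerprint of the token; this is what the store indexes on."""
    return hashlib.sha256(token.encode("ascii")).hexdigest()


def issue_reset_token(user_id: str, now: Optional[float] = None) -> str:
    """Create a single-use reset token for user_id and return the secret
    that goes into the emailed URL. The store keeps only its hash."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    _reset_tokens[_digest(token)] = {"user": user_id,
                                     "expires": now + TOKEN_TTL_SECONDS}
    return token


def build_reset_url(base_url: str, token: str) -> str:
    """Assumed URL shape for the emailed link; the token is the only secret."""
    return f"{base_url.rstrip('/')}/reset-password?token={token}"


def redeem_reset_token(token: str, now: Optional[float] = None) -> Optional[str]:
    """Return the user_id if token is known and unexpired, consuming it.
    Unknown, expired and already-used tokens all yield None."""
    now = time.time() if now is None else now
    # Lookup is by hash, so the raw token never touches the database.
    entry = _reset_tokens.pop(_digest(token), None)  # single use either way
    if entry is None or entry["expires"] < now:
        return None
    return entry["user"]
```

Once a token is redeemed, the application should also invalidate any other outstanding reset tokens for that user and rotate the session.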