Re^5: Security of website code editor?

E-mailing the user his new password is probably the most unsecure way of doing it, unless you encrypt the e-mail.

I was thinking of forcing the user to choose a new password every so often. Usually it is done right after logging in and before the user is allowed further access (otherwise, they tend to "forget" to change the password later).

CountZero

"If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law

Comment on Re^5: Security of website code editor?

Replies are listed 'Best First'.
Re^6: Security of website code editor? by stonecolddevin (Parson) on Sep 03, 2006 at 19:59 UTC
Ah I didn't even think of that. So have them login, then force them to choose a new password, and as an additional security precaution, maybe have them enter their current password along with their new one? (much like when changing your password on here, i believe) meh.	[reply]
Re^7: Security of website code editor? by CountZero (Bishop) on Sep 03, 2006 at 20:12 UTC
Yes, something like that would be good. CountZero "If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law	[reply]
Re^8: Security of website code editor? by stonecolddevin (Parson) on Sep 03, 2006 at 20:20 UTC
Much appreciated :-) ~~without searching~~ off the top of your head, do you know of any preexisting packages that take care of this for me? or would it be simpler just to roll my own? meh.	[reply]
Re^9: Security of website code editor? by CountZero (Bishop) on Sep 04, 2006 at 06:38 UTC