RE: Thanks!

What I've always done is put in functionality for the user to receive a new random password via email. If they forget it, they just put in their email address and their login and password are sent. Sites implement this in any number of ways.

Enter email address only - Just sends out a new password to the email address.

Enter email address and answer question - When you create an account, you include a question and answer portion. For example, "What is your favorite color?" "Red." In order for the new password to be set, the user has to successfully answer the question. Most allow the user to pick their own question.

Comment on RE: Thanks!

Replies are listed 'Best First'.
RE: RE: Thanks! by skazat (Chaplain) on Apr 25, 2000 at 07:18 UTC
that seems to be the best idea, just email a new password to the email address, thanks alot!	[reply]
RE: RE: RE: Thanks! by jbert (Priest) on Apr 25, 2000 at 19:21 UTC
One problem here is that if I don't like someone I can reset their password to a new one, by entering their email address and saying 'mail new password'. Sure, they'll get the new one as an email but its a bit of an inconvenience. Probably not a major issue, though.	[reply]