I have a few ideas to share...
For me the best solution is:
ASK FOR A SECRET QUESTION....
1.1 Ask for the secret answer or the e-mail.
1.2 Check if the secret answer supplied is correct.
1.3 If not correct, then deny any request.
1.4 If correct, generate a random password (store it as a hash value) and disable the account to deny any login attempt.
1.5 Send through e-mail (based on the user profile) the newly generated password and the "enable code" URL.
1.6 The user must visit the URL to enable the account and type in the generated code + new password + confirm new password.
If the e-mail (ref. 1.1) was provided instead of the secret answer:
- determine the owner of the e-mail address (1-to-1 mapping between user_id and e-mail)
- proceed to step 1.4
cheers!
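The flow above, as an added example written for this page and not code from the poster: the secret answer, the random reset code and the password are all stored only as PBKDF2 hashes, the account is disabled the moment a code is issued, and the code is single-use. The in-memory user table, the salt, and the 15-minute code expiry are assumptions added here.

```python
import hashlib
import hmac
import secrets
import time

RESET_TTL = 15 * 60  # reset-code lifetime in seconds; an assumption added here

def _hash(value: str) -> bytes:
    # PBKDF2 so the secret answer, reset code and password are never stored in clear.
    return hashlib.pbkdf2_hmac("sha256", value.encode(), b"constructed-salt", 100_000)

# Constructed in-memory user table (1:1 user_id <-> e-mail, as the post assumes).
USERS = {"u1": {"email": "alice@example.com", "answer_hash": _hash("fluffy"),
                "password_hash": _hash("old-pass"), "disabled": False,
                "code_hash": None, "code_expires": 0.0}}

def request_reset(user_id, secret_answer=None, email=None):
    """Steps 1.1-1.5: returns the code to e-mail to the user, or None when denied."""
    row = USERS.get(user_id)
    if row is None:
        return None
    if email is not None:                   # e-mail branch: must belong to user_id
        if row["email"].lower() != email.lower():
            return None
    elif secret_answer is None or not hmac.compare_digest(
            _hash(secret_answer.strip().lower()), row["answer_hash"]):
        return None                         # 1.3: deny
    code = secrets.token_urlsafe(32)        # 1.4: random, kept only as a hash
    row["code_hash"] = _hash(code)
    row["code_expires"] = time.time() + RESET_TTL
    row["disabled"] = True                  # 1.4: no logins until re-enabled
    return code                             # 1.5: caller e-mails this + enable URL

def enable_account(user_id, code, new_password, confirm_password):
    """Step 1.6: check the e-mailed code, set the new password, re-enable."""
    row = USERS.get(user_id)
    if (row is None or row["code_hash"] is None
            or new_password != confirm_password
            or time.time() > row["code_expires"]
            or not hmac.compare_digest(_hash(code), row["code_hash"])):
        return False
    row["password_hash"] = _hash(new_password)
    row["code_hash"] = None                 # single use
    row["disabled"] = False
    return True

def login_allowed(user_id, password):
    row = USERS[user_id]
    return (not row["disabled"]
            and hmac.compare_digest(_hash(password), row["password_hash"]))
```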