[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cpx] Wishlist: forgotten password

Subject: Re: [cpx] Wishlist: forgotten password
From: Bill Meier <bill@xxxxxxxxxxxxxx>
Date: Sat, 23 Apr 2005 09:01:53 -0400

At 07:04 PM 04/22/2005, you wrote:

How does CPX interact with a user that can't authenticate without openingup possibilities for security exploits? It seems the safe bet here isjust to have your EU password reset by an authenticated DA or SA. no?

Many other systems (eBay, other mailing lists, etc.) can not of courseprovide you with a plain text password, but they do assign you a temporarypassword (when you click on a URL) and then you get into a change passworddialog.

If you forget your eBay password, you aren't going to call eBay to reset itfor you!!! They have a system in place to handle that... A safe and securesystem (I hope!!)


Something for future consideration for a CPX enhancement?

It is always easier if you empower the end user to be able to do something(like in this case) rather than having to bother the DA or SA, which alsocan increase latency by 24 hours or more, until the DA/SA read their email...


Bill

======================================================================
This is <cpx@xxxxxxxxxxxxx>      <http://www.groupmail.org/lists/cpx/>
Before posting a question, please search the archives (see above URL).

Follow-Ups:
- Re: [cpx] Wishlist: forgotten password
  - From: Rus Berrett

References:
- [cpx] Wishlist: forgotten password
  - From: Rae French
- Re: [cpx] Wishlist: forgotten password
  - From: Scott Wiersdorf
- Re: [cpx] Wishlist: forgotten password
  - From: Rae French
- Re: [cpx] Wishlist: forgotten password
  - From: Rus Berrett

Prev by Date: Re: [cpx] Domain admin reading email?
Next by Date: Re: [cpx] Domain admin reading email?
Previous by thread: Re: [cpx] Wishlist: forgotten password
Next by thread: Re: [cpx] Wishlist: forgotten password
Index(es):
- Date
- Thread

Home | Main Index | Thread Index