[thelist] Retrieving password() field from a MySQL table

rudy r937 at interlog.com
Tue Jan 21 07:22:01 CST 2003


> resetting a forgotten password to something new and then
> emailing that to the user is the best approach.

if you have ever changed your email ids, this method fails spectacularly

i know a lot of sites use it, but that doesn't make it good

for example, if you register your company email id when signing up for
access to, say, a vendor's online documentation, and you change companies,
you could be months into the new job, forget your password, and sit by
helplessly while they mail it to your old email address

and can you really afford, during the last few days on the job, to go
through all the sites where you might have registered, to change your email
id to something else?  and to what?  some hotmail id that you opened just
for that purpose?  how do you know which of the sites you've registered at
use the "mail the password to the email id" method, without visiting each
one and pretending to forget?

i don't like this method at all, but maybe that's just me


rudy




More information about the thelist mailing list