On Wed, Jun 25, 2003 at 04:11:55 -0400, ted serbinski wrote: > The only question I have with hashing a password is, what if a user forgets > his/her password? > So how do you guys get around this? Provide a form for the user to enter their email address. Generate a random key and email it to them. Give them access to a "set a new password" prompt when they enter that key (by following the link in the email). -- David Dorward http://david.us-lot.org/ Redesign in progress: http://stone.thecoreworlds.net/ Microsoft announces IE is dead (so upgrade): http://minutillo.com/steve/weblog/2003/5/30/microsoft-announces-ie-is-dead