[Catalyst-dev] Resetting passwords ...

Kiffin Gish kiffin.gish at planet.nl
Sat Feb 13 19:38:47 GMT 2010


You're correct on that issue. However, I still want to be able to let
user's who forgot their passwords to have their password reset. The
temporary password is immediately emailed to them with an embedded link.
The next time they login, they will always be redirected to the change
password page until they change it.

On Sat, 2010-02-13 at 20:15 +0100, Marcus Ramberg wrote:
> Also, I would not recommend forcing password resets on a regular basis
> for security reasons. This almost always ends up in users either using
> simpler pattern passwords or writing their passwords on a note taped
> to the screen, thus reducing security.
> 
> ***
> Marcus Ramberg
> Nordaaker ltd.
> +47 934 17 508
> http://nordaaker.com
> 
> 
> 
> On Tue, Feb 9, 2010 at 4:47 PM, Tomas Doran <bobtfish at bobtfish.net> wrote:
> > Kiffin Gish wrote:
> >>
> >> Any suggestions on an elegant way to solve this?
> >
> > Don't use auto.
> >
> > Use chained dispatch and have /noauth, /auth and /passwordreset (not sure if
> > the latter one is needed) top level path parts everything is chained off of.
> >
> > Also, this should be on the users list as it's nothing to do with developing
> > Catalyst itself (or Catalyst components), but a question about your app.
> >
> > Cheers
> > t0m
> >
> >
> > _______________________________________________
> > Catalyst-dev mailing list
> > Catalyst-dev at lists.scsys.co.uk
> > http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
> >
> 
> _______________________________________________
> Catalyst-dev mailing list
> Catalyst-dev at lists.scsys.co.uk
> http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev


-- 
Kiffin Gish <Kiffin.Gish at planet.nl>
Gouda, The Netherlands





More information about the Catalyst-dev mailing list