Hi, I have a quick question which I hope someone can help me with... I have developed a site in PHP/MySQL and now I need to add a section where users can retrieve their password if they forget it. Is it OK to have just one text box, "Enter your email address", and then a SUBMIT button which validates the input first, then checks for the email address entered and emails the password to that address if a record is found? Is there anything wrong with this? Thanks in advance.
Yes. If you can email them the password, that means the password is not encrypted. This is a very bad practice. What you should be doing is this:
1. Encrypt all passwords.
2. Add a new column and call it key or similar, with a length of 30 characters.
3. When they enter their email address in the box, a random and unique 30-char-long key is generated and inserted in the database.
4. Then they will get an email with a special link that contains the unique key. When they visit the link they get to a special page where they can enter their email address and a new password (don't forget to ask them to enter the password twice to ensure it matches). The key should be in a hidden field.
5. When they click the submit button, the email address and the key that have been submitted are checked, and if they are correct the password is updated in the DB and the key field is cleared.
Done.
I agree with Stephan. Use MD5 hash encryption with salt. I also suggest only authorizing users to recover the password by emailing them a confirmation link; when the user clicks on that link, a new window will open to choose a new password. Do not permit users to use old passwords again.
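The flow Stephan lays out (steps 3 to 5: generate a random key, email a link, verify email plus key, set the new password and clear the key) together with the second reply's point about not accepting the old password again, written out as an added PHP/PDO example. This is example code, not code from either poster. The table and column names (users, email, password_hash, reset_token_hash, reset_token_expires), the one-hour validity window and the reset.php URL are assumptions made for the illustration. Two design choices go beyond the thread as written: the token is 64 hex characters from random_bytes() rather than a 30-character key, and only a SHA-256 hash of it is stored, so a read of the table does not yield usable links; and passwords are stored with password_hash()/password_verify() rather than a salted MD5.

```php
<?php
// Added example (not from the original thread): token-based password reset.
// Schema assumed for illustration:
//   users(id, email, password_hash, reset_token_hash, reset_token_expires)
declare(strict_types=1);

const RESET_TOKEN_TTL = 3600; // seconds a reset link stays valid (assumed policy)

/**
 * Step 3: look up the account, generate an unpredictable token, store only
 * its hash plus an expiry, and return the raw token for the emailed link.
 * Returns null when the email is unknown; the caller should show the same
 * "if an account exists, a message was sent" text either way so the form
 * does not reveal which addresses are registered.
 */
function createResetToken(PDO $db, string $email): ?string
{
    $stmt = $db->prepare('SELECT id FROM users WHERE email = ?');
    $stmt->execute([$email]);
    $userId = $stmt->fetchColumn();
    if ($userId === false) {
        return null;
    }
    $token = bin2hex(random_bytes(32));          // 64 hex chars from the CSPRNG
    $tokenHash = hash('sha256', $token);          // DB holds the hash, not the token
    $expires = time() + RESET_TOKEN_TTL;
    $upd = $db->prepare(
        'UPDATE users SET reset_token_hash = ?, reset_token_expires = ? WHERE id = ?'
    );
    $upd->execute([$tokenHash, $expires, (int)$userId]);
    return $token;
}

/** Step 4: the link placed in the email; reset.php is an assumed page name. */
function buildResetLink(string $baseUrl, string $token): string
{
    return rtrim($baseUrl, '/') . '/reset.php?token=' . urlencode($token);
}

/**
 * Step 5: the reset page posts email, hidden token and the password twice.
 * Every failure returns plain false so the response does not say which
 * check failed. On success the password is replaced and the token cleared.
 */
function completeReset(PDO $db, string $email, string $token, string $newPassword, string $confirm): bool
{
    if ($newPassword !== $confirm || strlen($newPassword) < 8) {
        return false;                             // mismatch or too short
    }
    $stmt = $db->prepare(
        'SELECT id, password_hash, reset_token_hash, reset_token_expires
           FROM users WHERE email = ?'
    );
    $stmt->execute([$email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || $row['reset_token_hash'] === null) {
        return false;                             // no account or no pending reset
    }
    if ((int)$row['reset_token_expires'] < time()) {
        return false;                             // link has expired
    }
    // Constant-time comparison of the submitted token's hash with the stored one
    if (!hash_equals($row['reset_token_hash'], hash('sha256', $token))) {
        return false;
    }
    // Reject reuse of the current password (the second reply's point)
    if ($row['password_hash'] !== null && password_verify($newPassword, $row['password_hash'])) {
        return false;
    }
    $upd = $db->prepare(
        'UPDATE users SET password_hash = ?, reset_token_hash = NULL,
                          reset_token_expires = NULL WHERE id = ?'
    );
    $upd->execute([password_hash($newPassword, PASSWORD_DEFAULT), (int)$row['id']]);
    return true;
}

// Usage sketch (DSN and credentials are placeholders):
// $db = new PDO('mysql:host=localhost;dbname=app', 'user', 'pass',
//               [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
// $token = createResetToken($db, $_POST['email']);
// if ($token !== null) { mail($_POST['email'], 'Password reset',
//                             buildResetLink('https://example.com', $token)); }
// ...later, from reset.php:
// $ok = completeReset($db, $_POST['email'], $_POST['token'],
//                     $_POST['password'], $_POST['password2']);
```

Because the token is single-use, time-limited and never stored in clear, a leaked database row or an old email cannot be turned into a working reset link, which is what separates this flow from mailing the password itself.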