Security - Change to Forgot Password process
Автор: John W.
Просмотрено 1257,
Подписчики 1,
Размещенный 0
When the user clicks on the Forgot Password in during a sign-in/login process its sends the user in clear text the password. For security purposes I think it would be better to not send the user's password; instead send them a link to create a new password.
Passwords are stored in the database as plain text, it would would be nice if some level of encryption could be used for them.
These would be a couple of small things that could help with site security.
Размещено
Hi John,
thank you for your ideas and your feedback.
please let me know if you need any further information!