What is safer? Should I send an email with a URL that expires to users to reset their password or should I email a newly generated password?

I was wondering what would be the safer option when users have forgotten their password

  • Send a randomly generated new password to the email address (all email addresses in my database are confirmed to work).

Or

  • Send an email with a link that expires within a certain time frame where the user can reset their password.

Aside from the fact the latter uses an extra table, what do you think is safer/better practice?

Marijn Huizendveld asked Feb 16 '10 23:02



2 Answers

If you send an email containing the password, it means:

  • The password will go through some networks (unencrypted) and could be "seen"
  • The password will stay in the user's mail box
    • Which can be hacked
    • And just anyone who has access to the computer might take a look

So, sending the password in an email doesn't seem that safe...


As a user, I would feel my password is "safer" with the link that contains some kind of token and expires after a while.

That "expires after a while" part is important, btw: it makes sure that if someone clicks on the link after some time (for instance, someone who accesses the user's mailbox), the link will not be used to generate a new password.


Of course, this means I won't be able to just "search in my mail box" to find the password -- but I can always ask for a new one if I have forgotten it again ^^

Pascal MARTIN answered Sep 21 '22 13:09


Rather baffled by the other answers here. They're exactly the same. Both give access to the user's account, both are sent in plain text, and both are in common use. Pick whichever you prefer.

Enforce an immediate password change once they use the link/password, and have the link/password expire after 24-72 hours.

ceejayoz answered Sep 20 '22 13:09
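The expiring, single-use token link that the first answer argues for, combined with the second answer's point that whatever is emailed must expire and must lead straight to a password change, looks like this in practice. This is an added example written for this page, not code from either answerer or from the asker's project. It assumes a Python back end and uses constructed in-memory dictionaries as stand-ins for the users table and the "extra table" the question mentions; the reset URL, user names and TTL are placeholders chosen here. Only a hash of the token is stored, so the raw secret exists in the email link alone; redeeming the token burns it, expired tokens are refused, and issuing a new token cancels any earlier one for the same user.

```python
import hashlib
import secrets
import time
from typing import Optional

RESET_TOKEN_TTL = 60 * 60  # seconds; the link is valid for one hour (constructed value)
PBKDF2_ITERATIONS = 600_000

# Constructed in-memory stand-ins for a users table and the password_resets table.
# PASSWORD_RESETS is keyed by the SHA-256 of the token, so a dump of this table
# contains nothing that can be pasted into the reset URL.
USERS = {"alice": {"email": "alice@example.invalid", "salt": None, "password_hash": None}}
PASSWORD_RESETS = {}  # token_hash -> {"user": str, "expires_at": float, "used": bool}


def _hash_token(token: str) -> str:
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


def issue_reset_token(username: str, now: Optional[float] = None) -> str:
    """Create a single-use token for `username`, store only its hash, return the raw token for the email."""
    if username not in USERS:
        raise KeyError(username)
    now = time.time() if now is None else now
    # Any earlier, still-open token for this user is cancelled: only the latest email works.
    for record in PASSWORD_RESETS.values():
        if record["user"] == username:
            record["used"] = True
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG, not a guessable value
    PASSWORD_RESETS[_hash_token(token)] = {
        "user": username,
        "expires_at": now + RESET_TOKEN_TTL,
        "used": False,
    }
    return token


def build_reset_link(token: str) -> str:
    # Hypothetical URL; the raw token travels only in this link, never into the database.
    return "https://example.invalid/reset?token=" + token


def redeem_reset_token(token: str, new_password: str, now: Optional[float] = None) -> bool:
    """Accept the token only if it exists, is unexpired and unused; then set the password and burn it."""
    now = time.time() if now is None else now
    record = PASSWORD_RESETS.get(_hash_token(token))
    if record is None or record["used"] or now > record["expires_at"]:
        return False
    record["used"] = True  # single use: a later click from a compromised mailbox fails
    salt = secrets.token_bytes(16)
    user = USERS[record["user"]]
    user["salt"] = salt
    user["password_hash"] = _hash_password(new_password, salt)
    return True


def verify_password(username: str, password: str) -> bool:
    """Check a login attempt against the salted PBKDF2 hash stored for the user."""
    user = USERS.get(username)
    if user is None or user["password_hash"] is None:
        return False
    candidate = _hash_password(password, user["salt"])
    return secrets.compare_digest(candidate, user["password_hash"])


if __name__ == "__main__":
    raw = issue_reset_token("alice")
    print("email this link:", build_reset_link(raw))
    print("first use accepted:", redeem_reset_token(raw, "correct horse battery staple"))
    print("second use accepted:", redeem_reset_token(raw, "something else"))
```

Passing `now` explicitly keeps the expiry logic testable without sleeping; in a real handler it is simply omitted. Whether the reset table lives in SQL or elsewhere, the properties worth keeping are the same: hashed storage, a short TTL, one use, one live token per user, and the new password being set in the same request that consumes the token.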