[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Forgotten password recovery

To: Michael Ströder <michael@stroeder.com>
Subject: Re: Forgotten password recovery
From: Vincent Panel <yohonet@gmail.com>
Date: Wed, 4 Feb 2009 11:07:46 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <4988C5F8.5020702@stroeder.com>
References: <15116fd10902030816n7691b51bjb8a3fefd43d5f6bd@mail.gmail.com> <hbf.20090203k684@bombur.uio.no> <hbf.20090203kdmx@bombur.uio.no> <4988C5F8.5020702@stroeder.com>

Ok, thanks for these interesting replies.

If the password of the temporary security-object you mention (in the
password reset ticket database) is the URL sent by drupal, then it's
probably as secure as the original drupal authentication scheme.

Many thanks !

References:
- Forgotten password recovery
  - From: Vincent Panel <yohonet@gmail.com>
- Re: Forgotten password recovery
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: Forgotten password recovery
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: Forgotten password recovery
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: best practices - dn:
Next by Date: Re: Forgotten password recovery
Index(es):
- Chronological
- Thread