Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6

Thread: lost passwords

  1. #1
    New Coder
    Join Date
    Jan 2004
    Posts
    67
    Thanks
    0
    Thanked 0 Times in 0 Posts

    lost passwords

    In my access database i have 2 tables called seceret question and secret answer. I would like to provide users with thier passwords without using emails. There would be a screen where they can enter thier username, secret answer then thier password will be displayed on the screen. Or alternatively they could just enter thier username and thier password is displayed. any ideas?

    thanks

  • #2
    Senior Coder
    Join Date
    Jun 2002
    Location
    Wichita
    Posts
    3,880
    Thanks
    0
    Thanked 0 Times in 0 Posts
    And the problem/question is? I'm pretty sure you want something from us but it's not real clear what it is that you want.
    Check out the Forum Search. It's the short path to getting great results from this forum.

  • #3
    Senior Coder Morgoth's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada Remaining Brain Cells: 6
    Posts
    1,402
    Thanks
    2
    Thanked 1 Time in 1 Post
    Roy is right, it's a little unclear.

    I assume you want us to tell you what the best method for retrieving lost passwords would be. That's a question that will only get you opinions, I don't know if there is a best way to do it, and it looks like you don't want to use e-mails.

    Here's what I would do without using e-mail:
    My suggestion is not to use 2 new tables, but use your Students table with their username, password, firstname, etc... in it.
    You will also have two new fields, "secretQ" and "secretA" where you will store your secret question, and your secret answer.

    You will make a new page which will be your password retrieval page.
    You will get them to type in their username and firstname, hit submit. If the username and firstname can not be matched in the database redirect to another page.

    If the username and firstname match in the database this second page will display the secretQ. They will type in the secretA, if they get it wrong, kick them, if they get it right show their password to them.

    This is simple, but to make it bug and hack free you will need to impliment some safety protocols.

  • #4
    New Coder
    Join Date
    Jan 2004
    Posts
    67
    Thanks
    0
    Thanked 0 Times in 0 Posts
    just a simple script that displays the password once you submit your username. I have done a similar stuff using coldfusion

  • #5
    New Coder
    Join Date
    Aug 2004
    Posts
    44
    Thanks
    0
    Thanked 0 Times in 0 Posts
    So I could type in someone elses username and see their password without answering the sekrit question?

  • #6
    Senior Coder Morgoth's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada Remaining Brain Cells: 6
    Posts
    1,402
    Thanks
    2
    Thanked 1 Time in 1 Post
    Quote Originally Posted by sagat
    just a simple script that displays the password once you submit your username. I have done a similar stuff using coldfusion
    That's not very safe, I would have to agree with BuddhaMan.
    Quote Originally Posted by BuddhaMan
    So I could type in someone elses username and see their password without answering the sekrit question?
    The idea of having a secret question is that it can't be answered by anyone by the person the knows the answer (the user that wrote it)

    Either that, or ask for some personal information, like first and last name, along with age, or address. What ever is in the database that is seen by no one but the user that owns the account.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •