The code has been successfully written to change a user’s password. Here’s how it works!
- step 1: User claims they have forgotten their password. They need to input some form of identification (whether it’s their username, email address, or user ID) so we know which user’s password to reset.
- step 2: The user is sent an email with a link they can go to which will automatically reset their password. This link has get parameters attached to it, so it will look something like this:
http://cias.rit.edu/~feedme/quietus/php/newPasswordSet.php?userID=&password=50ff4740002e975652481a30508db78f
The userID parameter is obviously the user’s ID, and the password parameter is the current user’s password as it has been encrypted and saved in the database, but encrypted again. - step 3: The user goes to the link, and the database matches the password in the string with the encrypted password in the database. If they match, a new password string of 8 characters composed of letters and numbers will be randomly generated. This new password will be sent to them via email, and encrypted and saved in the database. Now, they can log in with this new password.
- step 4: They can go to a “change password” page inside the quietus consulting application to change their randomly generated password to something they can more easily remember.
Steps to be accomplished: Step 1 and step 4. both these steps require their own pages in the quietus consulting application. Also, a page for Step 3 may need to be designed. This will be an html page.
Reasoning behind this method: This way, a user cannot falsely claim to be another user and request a password reset. If they do, the only action that occurs is that an email is sent to the user. If it is ignored, no change is made in the database. The user must actively click on the link in the email to get their password reset.
Other possible methods: If I can find a way, the link in the email could go directly to the “change your password” page in the quietus consulting application (thanks to gaia deep linking), and the user could change their password from there. This method would be much more complicated, and less secure.
Any thoughts / comments / clarification?
