Good password recovery methods
Mobile Technologies
Mobile Computing
2 years ago
5
Star Rating
1
Rating
_x000D_
_x000D_
I am currently worrying about a password recovery method for users of a web application.
One idea would be to use an E-Mail with a recovery url, only asking the user for his/her user name, but if he/she forgot that too, ask for e-mail address.
Another idea would be to use "secret questions" and then send the password to the user.
Do you know any other, possibly better, options for password recovery? Are there any downsides, besides user frustration, to have a "wrong password limit"?
EDIT:
Yesterday I was told that in some of the older versions, which are still updated and used by some customers, neither E-Mail addresses nor user names have to be unique.
So I'm totally stuck now. The only thing coming to my mind is using a secret question which the user can select after first login. But instead of sending an E-Mail opening the "new password dialog" directly.
Do you have any more ideas?
Posted on 16 Aug 2022, this text provides information on Mobile Computing related to Mobile Technologies. Please note that while accuracy is prioritized, the data presented might not be entirely correct or up-to-date. This information is offered for general knowledge and informational purposes only, and should not be considered as a substitute for professional advice.
Take Quiz To Earn Credits!
Turn Your Knowledge into Earnings.