Connecting Tech Pros Worldwide Help | Site Map
bytes > topic > c sharp > answers

Harrassment Using the Password Recovery Control

clintonG
Guest
  
Posts: n/a
#1: May 20 '06
When the password is hashed and most secure this control mails a new
password to anybody that provides an authenticated user name. The previous
password can no longer be used to login. The newly "recovered" password must
be used to login and then the user must change the newly generated password
back to what may be a preferred password.

Know anybody you want to harrass? Simply enter their user name into an
ASP.NET 2.0 Password Recovery control.


<%= Clinton Gallagher
NET csgallagher AT metromilwaukee.com
URL http://www.metromilwaukee.com/clintongallagher/
Simon Smith
Guest
  
Posts: n/a
#2: May 20 '06

re: Harrassment Using the Password Recovery Control

[color=blue]
>
>When the password is hashed and most secure this control mails a new
>password to anybody that provides an authenticated user name. The previous
>password can no longer be used to login. The newly "recovered" password must
>be used to login and then the user must change the newly generated password
>back to what may be a preferred password.
>
>Know anybody you want to harrass? Simply enter their user name into an
>ASP.NET 2.0 Password Recovery control.
>
>
><%= Clinton Gallagher
>[/color]

And this makes it different from 99% of all known 'Forgotten your password?'
promts on the web in which way?

--
Simon
Galcho[MCSD.NET]
Guest
  
Posts: n/a
#3: May 20 '06

re: Harrassment Using the Password Recovery Control

This is where secret question/answer combination helps. User must know
secret answer too

I hope this helps
Galin Iliev[MCSD.NET]
www.galcho.com
Simon Smith
Guest
  
Posts: n/a
#4: May 20 '06

re: Harrassment Using the Password Recovery Control

[color=blue]
>
>This is where secret question/answer combination helps. User must know
>secret answer too
>
>I hope this helps
>Galin Iliev[MCSD.NET]
>www.galcho.com
>[/color]


OK, I apologize: it's not 99%, it's 90%.

--
Simon

BTW - if you quoted messages you answer, people might know what you're
talking about. I just took a swag that you were answering my earlier reply.
Since you didn't provide a secret question/answer combination then this
clintonG
Guest
  
Posts: n/a
#5: May 20 '06

re: Harrassment Using the Password Recovery Control

It looks that way doesn't it? But I wonder how many have or are implementing
that template.

<%= Clinton Gallagher
NET csgallagher AT metromilwaukee.com
URL http://www.metromilwaukee.com/clintongallagher/


"Galcho[MCSD.NET]" <galcho@gmail.com> wrote in message
news:1148139566.452570.172700@38g2000cwa.googlegro ups.com...[color=blue]
> This is where secret question/answer combination helps. User must know
> secret answer too
>
> I hope this helps
> Galin Iliev[MCSD.NET]
> www.galcho.com
>[/color]
Closed Thread

« previous question | next question »

Similar C# / C Sharp bytes

/bytes/development

/bytes/it

/bytes/about

We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights. Get the best answers to your questions from over 226,295 network members.

dev questions:
algorithms | asp | asp.net | c/c++ | coldfusion | c# | flash | html/css | java | javascript |
mobile dev | .net | perl | php | python | ruby | software dev | vb.net | visual basic | xml
it questions:
access | apache | careers | db2 | iis | macosx | mysql | networking | oracle | postgresql | sql server | unix | windows

About Bytes | Copyright 1995-2009 BYTES. All rights Reserved