By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,170 Members | 1,421 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,170 IT Pros & Developers. It's quick & easy.

Harrassment Using the Password Recovery Control

P: n/a
When the password is hashed and most secure this control mails a new
password to anybody that provides an authenticated user name. The previous
password can no longer be used to login. The newly "recovered" password must
be used to login and then the user must change the newly generated password
back to what may be a preferred password.

Know anybody you want to harrass? Simply enter their user name into an
ASP.NET 2.0 Password Recovery control.
<%= Clinton Gallagher
NET csgallagher AT metromilwaukee.com
URL http://www.metromilwaukee.com/clintongallagher/
May 20 '06 #1
Share this Question
Share on Google+
4 Replies


P: n/a

When the password is hashed and most secure this control mails a new
password to anybody that provides an authenticated user name. The previous
password can no longer be used to login. The newly "recovered" password must
be used to login and then the user must change the newly generated password
back to what may be a preferred password.

Know anybody you want to harrass? Simply enter their user name into an
ASP.NET 2.0 Password Recovery control.
<%= Clinton Gallagher


And this makes it different from 99% of all known 'Forgotten your password?'
promts on the web in which way?

--
Simon
May 20 '06 #2

P: n/a
This is where secret question/answer combination helps. User must know
secret answer too

I hope this helps
Galin Iliev[MCSD.NET]
www.galcho.com

May 20 '06 #3

P: n/a

This is where secret question/answer combination helps. User must know
secret answer too

I hope this helps
Galin Iliev[MCSD.NET]
www.galcho.com

OK, I apologize: it's not 99%, it's 90%.

--
Simon

BTW - if you quoted messages you answer, people might know what you're
talking about. I just took a swag that you were answering my earlier reply.
Since you didn't provide a secret question/answer combination then this
May 20 '06 #4

P: n/a
It looks that way doesn't it? But I wonder how many have or are implementing
that template.

<%= Clinton Gallagher
NET csgallagher AT metromilwaukee.com
URL http://www.metromilwaukee.com/clintongallagher/
"Galcho[MCSD.NET]" <ga****@gmail.com> wrote in message
news:11**********************@38g2000cwa.googlegro ups.com...
This is where secret question/answer combination helps. User must know
secret answer too

I hope this helps
Galin Iliev[MCSD.NET]
www.galcho.com

May 20 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.