Home > Archive > PHP DB > September 2004 > Re: [PHP-DB] Question on Registration Method
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Re: [PHP-DB] Question on Registration Method
|
|
| Jason Wong 2004-09-26, 3:55 pm |
| On Sunday 26 September 2004 19:45, Stuart Felenstein wrote:
> While I'm okay with mine, not completely satisfied.
> I'd like to change it to the type where like above the
> username and password is sent via email, but with the
> addition of a link in the email whereby the user must
> click on link to be "activated". You probably have
> seen this, but to spell it out - even though they have
> the user name and password it somehow is not good
> enough to login with until this "activation" takes
> place.
Can someone please enlighten me on what extra security this method provides
over and above the following more simple methods:
- Send user a system generated password with which they can login and
subsequently change.
- Send user an activation link which once clicked on would activate them and
allow them to choose a password.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
------------------------------------------
/*
Believe everything you hear about the world; nothing is too impossibly bad.
-- Honor'e de Balzac
*/
| |
| Stuart Felenstein 2004-09-26, 3:55 pm |
| How are they any different?
I'm seeing the same thing as your method.
Stuart
--- Jason Wong <php-db@gremlins.biz> wrote:
> On Sunday 26 September 2004 19:45, Stuart Felenstein
> wrote:
>
> satisfied.
> the
> the
> must
> have
> have
>
> Can someone please enlighten me on what extra
> security this method provides
> over and above the following more simple methods:
>
> - Send user a system generated password with which
> they can login and
> subsequently change.
>
> - Send user an activation link which once clicked on
> would activate them and
> allow them to choose a password.
>
> --
> Jason Wong -> Gremlins Associates ->
> www.gremlins.biz
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet
> Applications Development *
> ------------------------------------------
> Search the list archives before you post
> http://marc.theaimsgroup.com/?l=php-db
> ------------------------------------------
> /*
> Believe everything you hear about the world; nothing
> is too impossibly bad.
> -- Honor'e de Balzac
> */
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
| |
| Jason Wong 2004-09-26, 3:55 pm |
| On Monday 27 September 2004 03:01, Stuart Felenstein wrote:
> How are they any different?
>
> I'm seeing the same thing as your method.
These two methods are separate:
[color=darkred]
OR
[color=darkred]
What is the advantage in sending someone a password AND making them click on a
link to activate?
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
------------------------------------------
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
------------------------------------------
/*
A countryman between two lawyers is like a fish between two cats.
-- Ben Franklin
*/
| |
| Joseph Crawford 2004-09-26, 8:55 pm |
| $_GET['activation_hash] is missing the end '
On Mon, 27 Sep 2004 03:20:22 +0800, Jason Wong <php-db@gremlins.biz> wrote:
> On Monday 27 September 2004 03:01, Stuart Felenstein wrote:
>
> These two methods are separate:
>
>
> OR
>
>
> What is the advantage in sending someone a password AND making them click on a
> link to activate?
>
> --
> Jason Wong -> Gremlins Associates -> www.gremlins.biz
> Open Source Software Systems Integrators
> * Web Design & Hosting * Internet & Intranet Applications Development *
> ------------------------------------------
> Search the list archives before you post
> http://marc.theaimsgroup.com/?l=php-db
> ------------------------------------------
> /*
> A countryman between two lawyers is like a fish between two cats.
> -- Ben Franklin
>
>
> */
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
Joseph Crawford Jr.
Codebowl Solutions
codebowl@gmail.com
802-558-5247
For a GMail account
contact me OFF-LIST
|
|
|
|
|