Why is "Forgotten Password" bad?


Question

I came across this statement:

Do not use "forgotten password" functionality. But if you must, ensure that you are only providing information to the actual user, e.g. by using an email address or challenge question that the legitimate user already provided in the past; do not allow the current user to change this identity information until the correct password has been provided.

Can someone clarify why forgotten passwords are a risk? I plan to handle it by sending the user a link in their email to reset the password, but will not provide them with the old password (since it's hashed anyway), and will not ask them for the old password when resetting. Is there something risky about my approach?

Recommended answer

Your approach is absolutely right, as long as you don't store the password.

Asking the security question is absolutely bad instead, as it's prone to be bypassed just by guessing an answer.

Just a little edit: although it may be difficult to catch all of them, you should try to disallow the usage of mailinator email accounts (or email addresses from similar services) because mailinator + forgot password = disaster.
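The reset flow the question describes (emailed link, no old password revealed or asked for, password stored only as a hash) plus the answer's point about disposable mail domains, written out as an added example; this is not code from the question or the answer. The in-memory stores, the 15-minute lifetime and the domain deny-list are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time

# Constructed in-memory stores standing in for a database (assumption).
USERS = {"alice": {"email": "alice@example.com", "pw_hash": None, "salt": None}}
RESET_TOKENS = {}        # sha256(token) -> {"user": ..., "expires": ...}
TOKEN_TTL = 15 * 60      # seconds a reset link stays valid (assumed value)

# Deny-list of disposable mail providers; mailinator is the one the answer
# names, any further entries would be an assumption.
DISPOSABLE_DOMAINS = {"mailinator.com"}

def email_allowed(email):
    """Reject addresses at disposable providers at signup or email change."""
    return email.rsplit("@", 1)[-1].lower() not in DISPOSABLE_DOMAINS

def set_password(user, password):
    """Store only a salted PBKDF2 hash; the plaintext is never kept."""
    salt = secrets.token_bytes(16)
    USERS[user]["salt"] = salt
    USERS[user]["pw_hash"] = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def verify_password(user, password):
    """Constant-time comparison of the candidate hash against the stored one."""
    u = USERS[user]
    if u["pw_hash"] is None:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), u["salt"], 200_000)
    return hmac.compare_digest(candidate, u["pw_hash"])

def issue_reset_token(user, now=None):
    """Return the one-time secret to embed in the emailed link; only its hash is stored,
    so a leaked database copy cannot be turned into a working link."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    RESET_TOKENS[hashlib.sha256(token.encode()).hexdigest()] = {"user": user, "expires": now + TOKEN_TTL}
    return token

def reset_password(token, new_password, now=None):
    """Consume the token (single use, time-limited) and set the new password.
    The old password is neither shown nor requested."""
    now = time.time() if now is None else now
    record = RESET_TOKENS.pop(hashlib.sha256(token.encode()).hexdigest(), None)  # pop: one use only
    if record is None or now > record["expires"]:
        return False
    set_password(record["user"], new_password)
    return True
```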
