Password Recovery without sending password via email

Views: 195

Question

So, I've been playing with asp:PasswordRecovery and discovered I really don't like it, for several reasons:

1) Alice's password can be reset even without having access to Alice's email. A security question for password resets mitigates this, but does not really satisfy me.

2) Alice's new password is sent back to her in cleartext. I would rather send her a special link to my page (e.g. a page like example.com/recovery.aspx?P=lfaj0831uefjc), which would let her change her password.

I imagine I could do this myself by creating some sort of table of expiring password recovery pages and sending those pages to users who asked for a reset. Somehow those pages could also change user passwords behind the scenes (e.g. by resetting them manually and then using the text of the new password to change the password, since a password cannot be changed without knowing the old one). I'm sure others have had this problem before and that kind of solution strikes me as a little hacky. Is there a better way to do this?

An ideal solution does not violate encapsulation by accessing the database directly but instead uses the existing stored procedures within the database...though that may not be possible.

Recommended answer

I'm currently implementing an open source user management system on top of Spring + SpringSecurity, and here's how I'm addressing the lost password problem.


  1. The user's account must have a pre-registered email address.

  2. To request a reset, the user enters their account name into a form.

  3. A temporary reset code is generated and attached to the account, and is emailed to the user embedded in a hyperlink.

  4. On receiving the email, the user clicks the link, which takes them to a page where they enter their new password.

  5. Before the new password is accepted, the reset code (from the link) is checked against the stored code to make sure it is correct and has not expired.

This avoids sending a password (in clear) in an email message. And it also protects against one person resetting another person's password just to be a nuisance, because the password reset only takes place after the link has been used.

But it does rely on the user's email account being secure, and on the email not being snooped while in transit. For some applications, this may be an unacceptable risk.

Another piece of the equation is that you need to be really careful about changing a user's registered email address. At the very least, the user must enter their current password with the request to change the address ... to protect against hacking via unattended login sessions.
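The five-step flow in the answer, written out as an added example (this is not the answerer's Spring code and not an ASP.NET `PasswordRecovery` control; it is a self-contained Python sketch). It assumes a 30-minute token lifetime, stores only a hash of the reset code so a leaked table does not yield usable links, makes each code single-use, and updates the stored password hash directly on the server side, which is how the reset path sidesteps the "cannot change a password without the old one" constraint raised in the question. The in-memory `outbox` and `FakeClock` stand in for SMTP and the system clock; the password hashing is a placeholder, not a production scheme.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

TOKEN_TTL_SECONDS = 30 * 60  # assumed policy: reset links expire after 30 minutes


@dataclass
class Account:
    username: str
    email: str           # step 1: must be pre-registered before any reset is possible
    password_hash: str


@dataclass
class PendingReset:
    username: str
    expires_at: float    # absolute time after which the code is rejected


class FakeClock:
    """Constructed stand-in for time.time() so expiry can be exercised offline."""
    def __init__(self, start: float = 1_000_000.0) -> None:
        self.t = start

    def __call__(self) -> float:
        return self.t


class PasswordResetService:
    def __init__(self, accounts: Dict[str, Account], now: Callable[[], float] = time.time) -> None:
        self.accounts = accounts
        self.now = now
        # keyed by SHA-256 of the reset code: the raw code never touches storage
        self.pending: Dict[str, PendingReset] = {}
        self.outbox: List[Tuple[str, str]] = []   # (recipient email, link) in place of SMTP

    @staticmethod
    def _hash_token(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    @staticmethod
    def hash_password(password: str) -> str:
        # Placeholder only: a real deployment uses a slow, salted hash (bcrypt, scrypt, argon2).
        return hashlib.sha256(b"pw:" + password.encode()).hexdigest()

    def request_reset(self, username: str) -> None:
        """Steps 2-3: generate a temporary code, attach it to the account, email a link."""
        account = self.accounts.get(username)
        if account is None:
            return  # behave identically for unknown names so they cannot be enumerated
        token = secrets.token_urlsafe(32)  # CSPRNG, 256 bits of entropy
        self.pending[self._hash_token(token)] = PendingReset(
            username=username, expires_at=self.now() + TOKEN_TTL_SECONDS)
        # link format taken from the question's example; only the code is in the URL
        self.outbox.append((account.email, f"https://example.com/recovery.aspx?P={token}"))

    def complete_reset(self, token: str, new_password: str) -> bool:
        """Steps 4-5: check the code exists and is unexpired, then set the new password."""
        key = self._hash_token(token)
        pending = self.pending.get(key)
        if pending is None:
            return False
        if self.now() > pending.expires_at:
            del self.pending[key]       # expired codes are discarded, never honoured later
            return False
        account = self.accounts[pending.username]
        # The reset path writes the new hash directly; no old password is required,
        # because possession of the emailed code is the proof of ownership here.
        account.password_hash = self.hash_password(new_password)
        del self.pending[key]           # single use: the link is dead once consumed
        return True

    def verify_login(self, username: str, password: str) -> bool:
        account = self.accounts.get(username)
        if account is None:
            return False
        return hmac.compare_digest(account.password_hash, self.hash_password(password))


def demo() -> bool:
    """Runs the full flow once and returns True if the new password is accepted."""
    clock = FakeClock()
    svc = PasswordResetService(
        {"alice": Account("alice", "alice@example.com", PasswordResetService.hash_password("old-pw"))},
        now=clock)
    svc.request_reset("alice")
    _, link = svc.outbox[-1]
    token = link.split("P=", 1)[1]
    return svc.complete_reset(token, "new-pw") and svc.verify_login("alice", "new-pw")


if __name__ == "__main__":
    print("reset flow succeeded:", demo())
```

Note that requesting a reset changes nothing about the account until the link is used, which is the property the answer relies on to stop nuisance resets; the account lookup on completion goes through the code alone, so the username never needs to appear in the link.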

