kiffin.gish at planet
Feb 13, 2010, 11:38 AM
Post #4 of 4
You're correct on that issue. However, I still want to be able to let
user's who forgot their passwords to have their password reset. The
temporary password is immediately emailed to them with an embedded link.
The next time they login, they will always be redirected to the change
password page until they change it.
On Sat, 2010-02-13 at 20:15 +0100, Marcus Ramberg wrote:
> Also, I would not recommend forcing password resets on a regular basis
> for security reasons. This almost always ends up in users either using
> simpler pattern passwords or writing their passwords on a note taped
> to the screen, thus reducing security.
> Marcus Ramberg
> Nordaaker ltd.
> +47 934 17 508
> On Tue, Feb 9, 2010 at 4:47 PM, Tomas Doran <bobtfish [at] bobtfish> wrote:
> > Kiffin Gish wrote:
> >> Any suggestions on an elegant way to solve this?
> > Don't use auto.
> > Use chained dispatch and have /noauth, /auth and /passwordreset (not sure if
> > the latter one is needed) top level path parts everything is chained off of.
> > Also, this should be on the users list as it's nothing to do with developing
> > Catalyst itself (or Catalyst components), but a question about your app.
> > Cheers
> > t0m
> > _______________________________________________
> > Catalyst-dev mailing list
> > Catalyst-dev [at] lists
> > http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst-dev
> Catalyst-dev mailing list
> Catalyst-dev [at] lists
Kiffin Gish <Kiffin.Gish [at] planet>
Gouda, The Netherlands
Catalyst-dev mailing list
Catalyst-dev [at] lists