Saturday, June 2, 2012

New password recovery mechanism

If you forget your password, you can now ask for a password reset email, which allows you to reset your password to a new one. The reset URL is only valid for two hours and can only be used once. With this change, the EDAS database now only includes hashed passwords, reducing the chance of accidental disclosure of passwords that you might be using elsewhere. We are also strengthening the password requirement, so that trivial passwords such as 1234 or dictionary words are no longer acceptable.

1 comment:

  1. Yes i am totally agreed with this article and i just want say that this article is very nice and very informative article.I will make sure to be reading your blog more. You made a good point but I can't help but wonder, what about the other side? !!!!!!THANKS!!!!!!
    jiofi.local.html

    ReplyDelete