It would be good to have an option that, instead of e-mailing the password in the clear to the user, disables their password and uses a custom link (similar to the 'change my e-mail' process): it would send an e-mail to the user, they click on a link that gives them the ability to enter a new password, and then a message is sent to the e-mail saying that the password has been changed.
For users with this set, you would not need to store the password in the clear (or even in a reversible encryption), and could store the password hash instead of the password itself.
Not a critical thing, but a 'best practices' type of thing (but one that gets some people very upset).
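A sketch of the requested flow, added here as an example and not taken from the project's code: the old password is disabled, a single-use link token is mailed, and only hashes are stored. The `ResetStore` class, its fields, the one-hour lifetime, PBKDF2 as the password hash and the `example.invalid` URL are all assumptions made for illustration.

```python
import hashlib, hmac, os, secrets, time

TOKEN_TTL = 3600  # assumed link lifetime in seconds; the request names none

class ResetStore:
    """In-memory stand-in for the user table (hypothetical schema)."""
    def __init__(self):
        self.pw = {}      # user -> (salt, password hash), or None when disabled
        self.tokens = {}  # sha256(token) -> (user, expiry time)
        self.outbox = []  # (user, message) pairs standing in for sent e-mail

    @staticmethod
    def _hash_pw(password, salt):
        # PBKDF2 is this example's choice of one-way password hash.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def request_reset(self, user, now=None):
        now = time.time() if now is None else now
        self.pw[user] = None                # disable the old password
        token = secrets.token_urlsafe(32)   # appears only in the e-mailed link
        digest = hashlib.sha256(token.encode()).hexdigest()
        self.tokens[digest] = (user, now + TOKEN_TTL)  # store the hash only
        link = "https://example.invalid/reset?t=" + token
        self.outbox.append((user, "Set a new password: " + link))
        return token

    def complete_reset(self, token, new_password, now=None):
        now = time.time() if now is None else now
        digest = hashlib.sha256(token.encode()).hexdigest()
        entry = self.tokens.pop(digest, None)  # single use: removed on lookup
        if entry is None or now > entry[1]:
            return False                       # unknown, reused or expired
        user = entry[0]
        salt = os.urandom(16)
        self.pw[user] = (salt, self._hash_pw(new_password, salt))
        self.outbox.append((user, "Your password has been changed."))
        return True

    def check_password(self, user, password):
        record = self.pw.get(user)
        if record is None:                     # disabled or unknown account
            return False
        salt, stored = record
        return hmac.compare_digest(stored, self._hash_pw(password, salt))
```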