What is the best way to implement password recovery in terms of usability?

I read other password recovery questions on SO, and it seems that most people believe that sending a password recovery link that can only be used once and expires in a couple of days is the most secure approach.

Now my question (I know this is subjective, but I'm looking for information that you could get from your users):

Is it really user friendly? And by users, I mean your grandmother, not you, an employee.

+3
5 answers

In terms of usability? If the login fails three times in a row, assume that they legitimately forgot their password, and let them ask to change the password all the same.

One of the best systems I've seen for low security accounts is to send a link. The user does not need to remember the site URL, username or password. The site does not know about any shortcomings that the user has when managing passwords.

0
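The single-use, expiring recovery link discussed in the question and in the answer above, as an added example that is not part of the original thread. The in-memory store, the `example.test` URL and the function names are assumptions made for illustration; the two-day lifetime stands in for the question's "a couple of days".

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 2 * 24 * 3600  # "a couple of days", as in the question

# Hypothetical in-memory store: sha256(token) -> record.
# A real site would keep this in its database.
_pending = {}


def _digest(token: str) -> str:
    return hashlib.sha256(token.encode("ascii")).hexdigest()


def issue_reset_link(user_id, now=None, base_url="https://example.test/reset"):
    """Create a fresh token for user_id and return the link to e-mail."""
    now = time.time() if now is None else now
    # Drop any earlier link for this user so only the newest e-mail works.
    for key in [k for k, rec in _pending.items() if rec["user_id"] == user_id]:
        del _pending[key]
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    # Only the hash is stored, so a leaked table does not yield usable links.
    _pending[_digest(token)] = {
        "user_id": user_id,
        "expires_at": now + TOKEN_TTL_SECONDS,
    }
    return f"{base_url}?token={token}"


def redeem_reset_token(token, now=None):
    """Return the user_id for a valid token, else None. The token is consumed."""
    now = time.time() if now is None else now
    try:
        key = _digest(token)
    except UnicodeEncodeError:  # non-ASCII input can never be a real token
        return None
    # pop() makes the link single use, and also discards it if it has expired.
    record = _pending.pop(key, None)
    if record is None or now > record["expires_at"]:
        return None
    return record["user_id"]
```

The user only has to click the link; the site then shows a "choose a new password" form for the returned `user_id`.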

Source: https://habr.com/ru/post/1757826/

