4 votes
If you forget your password for a website and you click [Forgot my password], sometimes the company sends you a new password by email, but sometimes it sends you your old password by email. Which is a better method from a security perspective and why?

2 Answers

4 votes

Final answer:

From a security perspective, it is better for a company to send a new password when a user forgets their password for a website, rather than sending the old password via email.

Step-by-step explanation:

From a security perspective, it is better for a company to send a new password when a user forgets their password for a website, rather than sending the old password via email. There are several reasons for this:

  1. Old passwords can be compromised: If a company sends the old password via email, there is a risk that the email containing the password could be intercepted by hackers or accessed by unauthorized individuals. This could result in the user's account being compromised.
  2. New passwords offer better security: By sending a new password, the company ensures that the user has a fresh, secure password that hasn't been compromised. This helps protect the user's account from unauthorized access.
  3. Encourages better password management: Sending a new password encourages users to update their passwords regularly and choose stronger passwords, as they are forced to change their password upon receiving the email.

In summary, sending a new password when a user forgets their password is a better method from a security perspective as it reduces the risk of password compromise and promotes better password management.

User Giacomo Spettoli
by
4.3k points
2 votes

Answer:

new password by email

Step-by-step explanation:

The better method would be sending a new password by email. This is because most users tend to use repeated passwords for the vast majority of their online accounts. Therefore, sending their old password can cause problems if someone else has access to the user's email and discovers their old password. They may then be able to use this password to access various other accounts that the user possesses. The best option would be to send the user a temporary new password and force the user to change the password once they regain access to their account.

User Taylor Lopez
by
4.0k points
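
The temporary-password flow recommended in the answers above, as an added example that is not part of either answer. The `Accounts` class, the 15-minute lifetime, the PBKDF2 work factor and keeping the old hash valid until the change completes are all assumptions of this sketch.

```python
import hashlib, hmac, secrets, time

TEMP_TTL = 15 * 60     # assumption: temporary password is valid for 15 minutes
ITERATIONS = 200_000   # assumption: PBKDF2 work factor chosen for this sketch

def _digest(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def _record(password):
    salt = secrets.token_bytes(16)
    return {"salt": salt, "hash": _digest(password, salt)}

def _matches(rec, password):
    # constant-time comparison of the stored and recomputed hashes
    return hmac.compare_digest(rec["hash"], _digest(password, rec["salt"]))

class Accounts:
    """Hypothetical in-memory user store; only salted hashes are kept,
    so there is no old password that could ever be emailed back."""
    def __init__(self):
        self.users = {}

    def register(self, name, password):
        self.users[name] = {"main": _record(password), "temp": None}

    def forgot_password(self, name, now=None):
        """Issue a random temporary password; the caller emails the return value."""
        now = time.time() if now is None else now
        temp = secrets.token_urlsafe(12)
        # Assumption: the old hash stays in place until the change is completed,
        # so a stranger requesting a reset cannot lock the owner out.
        self.users[name]["temp"] = dict(_record(temp), expires=now + TEMP_TTL)
        return temp

    def login(self, name, password, now=None):
        now = time.time() if now is None else now
        user = self.users.get(name)
        if user is None:
            return "denied"
        if _matches(user["main"], password):
            return "ok"
        temp = user["temp"]
        if temp and now < temp["expires"] and _matches(temp, password):
            return "change_required"  # temporary password only unlocks a forced change
        return "denied"

    def change_password(self, name, temp_password, new_password, now=None):
        if self.login(name, temp_password, now) != "change_required":
            return False
        self.users[name] = {"main": _record(new_password), "temp": None}
        return True
```
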