Zen Reset Password v1.01
There are 3 types of Password Resets with this mod:
- Send New Password (existing) with a twist
- Send link with token to reset password (URL way)
- On-site Reset of Password (Used on other major sites)
Read up on password resetting and you'll see many issues with all 3 methods, so deciding which one to use for your site is up to you. Sending passwords by email is high on my list, and many others', of things to NEVER do, which is why I started down this patch... The password token is good, but it has its own issues, and it may take the user away from your site for a time. On-site has issues too, but the nice thing is that the user never leaves, and it is the only method that keeps the shopping cart intact.
We can create the best code possible to keep our sites safe, but most hacks are done by phone talking to a customer service rep and getting them to hack it for you! Just ask the FBI director about that one!
For number three to work, a password question and answer had to be added throughout the site. Because this can be installed on an existing site with existing users, I added the question and hint to the customer edit page in admin. If someone without a hint wants to reset, they are told to contact the store for help. Add the question and hint while the customer is on the phone and tell them what it is; they will then be able to complete the password reset and change the question afterwards if they would like to.
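One way to gate the on-site reset on the stored question and answer, as an added example (this is not code from the Zen Reset Password mod; the column names `customers_secret_question` / `customers_secret_answer` and the sample customer rows are assumptions):

```php
<?php
// Added example, not part of the Zen Reset Password mod. Gates the on-site
// reset on a stored secret question/answer. Field names are assumptions.

// Normalise the answer so " Rover " and "rover" compare equal, then hash it
// the same way a password is hashed, so a database leak does not expose it.
function normalize_answer(string $answer): string {
    return strtolower(trim(preg_replace('/\s+/', ' ', $answer)));
}

function hash_answer(string $answer): string {
    return password_hash(normalize_answer($answer), PASSWORD_DEFAULT);
}

// Returns 'no_hint' (customer must contact the store), 'ok', or 'wrong'.
function check_reset_answer(array $customer, string $given): string {
    if (empty($customer['customers_secret_question'])
        || empty($customer['customers_secret_answer'])) {
        return 'no_hint';
    }
    $match = password_verify(normalize_answer($given),
                             $customer['customers_secret_answer']);
    return $match ? 'ok' : 'wrong';
}

// Constructed sample customer rows (assumed column names).
$withHint = [
    'customers_email_address'   => 'jane@example.com',
    'customers_secret_question' => 'First pet?',
    'customers_secret_answer'   => hash_answer('Rover'),
];
$noHint = [
    'customers_email_address'   => 'joe@example.com',
    'customers_secret_question' => '',
    'customers_secret_answer'   => '',
];

echo check_reset_answer($withHint, ' rover '), "\n";   // matching answer
echo check_reset_answer($withHint, 'Fido'), "\n";      // wrong answer
echo check_reset_answer($noHint, 'anything'), "\n";    // no hint on file
```

The answer is stored hashed rather than in clear text; the same `password_verify` call that checks a login password checks the answer, and a customer with no question on file is sent to the store before any comparison happens.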
The password hint/answer, for me, is just something to use if I need to reset my password; I never answer what the question actually asks. I've heard this runs both ways: some use it like me, while others answer correctly. The cool thing is that this could be used as another layer of protection for other things, not just a password reset.
I spent the last 3 months changing my passwords on different sites to see what method they used... none sent me an email with a password. Some used a token, some had some sort of on-site reset method, and most used question/answer at three to four levels. Here I'm only using one level; we could raise that down the road.
As another layer of protection, all three methods send emails to the user and the admin. The token is created by taking an MD5 hash of the user name, user email, a random-length character set (set in admin) and the expiration date, and then salting it (set in admin)... This made the token as messed up and random in length and type as I could get... Once used, it's deleted at that time. It also has a life span set in admin.
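The token recipe described above, written out as an added example (this is not the mod's own code): the hash covers the user name, email, a random-length character run, the expiry time and an admin salt; the token is stored with its expiry, rejected once expired, and deleted the first time it is used. The constant names standing in for the admin settings and the in-memory `$store` array standing in for the database are assumptions.

```php
<?php
// Added example, not the Zen Reset Password mod's code. Builds a reset token
// as the text describes and consumes it once. The constants stand in for the
// admin settings; $store stands in for the customers table.

const RESET_TOKEN_SALT    = 'change-me-in-admin';  // salt "(set in admin)"
const RESET_TOKEN_MIN_LEN = 8;                     // random run length range,
const RESET_TOKEN_MAX_LEN = 32;                    // assumed admin settings
const RESET_TOKEN_TTL     = 3600;                  // life span, seconds

// Random character run of random length; random_bytes() is a CSPRNG.
function random_chars(int $min, int $max): string {
    $len = random_int($min, $max);
    return bin2hex(random_bytes($len));   // 2 * $len hex characters
}

// Returns [token, expiry]; the caller stores both against the customer.
function make_reset_token(string $name, string $email): array {
    $expires = time() + RESET_TOKEN_TTL;
    $material = $name . '|' . $email . '|'
              . random_chars(RESET_TOKEN_MIN_LEN, RESET_TOKEN_MAX_LEN)
              . '|' . $expires . '|' . RESET_TOKEN_SALT;
    return [md5($material), $expires];
}

// $store maps email => ['token' => ..., 'expires' => ...].
// Returns true once for a valid token, then deletes it.
function consume_reset_token(array &$store, string $email, string $given): bool {
    if (!isset($store[$email])) {
        return false;                     // no outstanding reset
    }
    $row = $store[$email];
    if (time() > $row['expires']) {       // life span exceeded
        unset($store[$email]);
        return false;
    }
    if (!hash_equals($row['token'], $given)) {
        return false;                     // constant-time comparison
    }
    unset($store[$email]);                // single use: deleted when used
    return true;
}

// Constructed usage: issue a token, use it, then try to reuse it.
$store = [];
[$token, $expires] = make_reset_token('jane', 'jane@example.com');
$store['jane@example.com'] = ['token' => $token, 'expires' => $expires];
var_dump(consume_reset_token($store, 'jane@example.com', $token));  // first use
var_dump(consume_reset_token($store, 'jane@example.com', $token));  // reuse
```

Two points worth checking in any implementation of this recipe: the unpredictability of the token comes entirely from the random character run and the salt (MD5 only fixes the output to 32 hex characters), so the random run must come from `random_bytes()` or `random_int()` rather than `rand()`; and the expiry has to be enforced at verification time, not only when the link is generated, which is why `consume_reset_token()` checks it before comparing.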