Zen Cart Password Reset

If you had to pick what type of password reset system you used, which would it be!

I spent some time looking into different password reset, both sides of the coin sort of speaking… The user side and the dark side. If you think hard about it, the answer would not to have any users accounts! Looking at Zen Cart you have to ask yourself what is it you are protecting. For me, I prefer not to hold any card or payment information on my servers or SQL database. The only thing I’m trying to protect is the user information, address, phone number. I don’t ask for birth dates.

So looking at the possible coding I can find only three possible solutions, 1) email a password and hope they change it. 2) create a token, email it attached to an URL, if the token matched, let them change there password. 3) have them create a answer to a question, if email, question right, let them change there password.

I don’t like the current method of emailing a password and hoping they will change it. Sending the URL with a token is good, but what happens when the email address is dead? I’ve ran into this problem and had to call them to get the password changed. I like the idea of keeping them on site and giving them self-help or even better how about letting them pick a solution. Options like pick how you wish to reset your password please!

I’ve completed working to code my solution, here’s your opportunity to give it a go.

Projects

Some of the projects I’m working on can be found here or my GitHub site.  Also if I uploaded to Zen Cart Plugins, you can find them there and I do answer question there too.  My GitHub versions get the first updates for testing before going live on ZC site.  I also will post them here for your download… Support! Remember, free is free, but I still have to eat, so work comes first!

Projects:

  • My Idea of COWOA (in Progress)
  • Link Manager
  • Responsive Order Steps
  • Pro-Auctions
  • Block Email/Domain addresses
  • Advanced Password Reset Manager