[英]What's the best way to secure userID when sending reset-password-link
I created a servlet that checks for userID in LDAP and if it is there, it sends email to that user with link: 我创建了一个servlet,用于检查LDAP中的userID,如果存在,它将通过链接向该用户发送电子邮件:
"Please follow this <a href=\"" + url + "/ConfirmedResetPasswordPage.jsp?action=" + userID + "\"> link </a>to reset your password" ;
I was told that this is not a good practice and that I should create table in MySQl with userID, timeResetRequested, GUID fields. 有人告诉我这不是一个好习惯,我应该在MySQl中使用userID,timeResetRequested,GUID字段创建表。 And pass this GUID in email instead of userID. 并通过电子邮件而不是userID传递此GUID。
And to delete that record after 2 hours. 并在2小时后删除该记录。 Is there a better and cleaner way to accomplish this and still have it secure? 有没有更好,更清洁的方法来完成此任务,并且仍然确保它安全?
Yes, that is a much better way. 是的,这是一个更好的方法。
The question about whether to send a GUID or user id doesn't matter AS much as the reset time out however. 关于发送GUID或用户ID的问题与重置超时无关紧要。
Imagine that you reset your password one day, and then 2 months later you sell your account. 假设您有一天重置了密码,然后在2个月后出售了帐户。 You could then recover your account by resetting your password on a 2 month old email. 然后,您可以通过重置2个月大的电子邮件中的密码来恢复帐户。 You would not need to know the new account password to reset it, but rather just simply log in to your email and hack back your account. 您无需知道新的帐户密码即可将其重置,而只需登录到电子邮件并重新破解您的帐户即可。
Now, despite saying that the reset timer is more important than the guid/user id, you must think, do you want your users knowing their user id? 现在,尽管说重置计时器比GUID /用户ID更重要,但您必须思考,是否要让用户知道其用户ID? If you don't, a GUID is a nice way to mask it. 如果您不这样做,则GUID是掩盖它的好方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.