Date: 05/04/07 (PHP Community)    Keywords: web

This is probably lame….If you think I’m going in the wrong direction, please shoot me your thoughts.

I have some users I want to support but they always loose their passwords.

The information is a little delicate, so I don’t want to store the passwords without encryption.
…And I don’t want to always be resetting people’s password information.

So I thought I’d write a little script.

Entering your email address on a webpage verifies the user is in the DB and sends them a temporary password in email that would only work for maybe 10 minutes or so.

Other than that, it would work like a typical secure site, except that I would check the (time) expiration of the password regularly.

(And I thought I might occasionally setup a CRON JOB (?) to wipe the DB of long-gone passwords.-----but I’ve never written a cron job so I’m not sure what might be entailed.)

Is this wildly stupid?

Source: http://community.livejournal.com/php/563886.html