Talk:Forgot Password Cheat Sheet

Revision as of 14:02, 2 September 2015 by Justin C. Klein Keane (talk | contribs) (Logging: new section)

Jump to: navigation, search

Needs revision based on [ Personal Choice and Challenge Questions: A Security and Usability Assessment]



I'm surprised to see that logging isn't a consideration in password reset functionality. Knowing that users attempted a password reset, whether the reset was successful or failed, recording details of reset sessions including IP address and other details would all seem like great suggestions.