Facility to reset forgotten passwords
Today’s little improvement: a ‘Forgotten password’ page. It’s pretty self-explanatory. You click ‘Forgotten password’, enter either your login id or your email address. If it matches then it sends you an email. In that email is a link containing a special unique code. You click the link, the code matches, you’re allowed to change your password and then login.
Of course, the security breaks down if someone can get into your email address, but i’m not going to worry that far. Incidentally the code sent in the email only works once, and it’s unique for everybody, every time. So i think we’re fairly secure.
If anyone would like to ‘forget’ their password to try it out, please go ahead! There’s nothing to stop you ‘resetting’ your password to the same as it was before.
Oh, one more thing … if you enter someone else’s login id, all you will do is send them an email which they can ignore. It could be annoying though, so please don’t bother!