Password reset strategy

From DarkWiki
Revision as of 14:52, 10 August 2017 by Apowney (talk | contribs) (Process)
Jump to: navigation, search

Introduction

As part of standard operating procedure, the system needs to help users who have forgotten their password or user id in a simple and secure fashion, without any interaction of support staff.

Common attack vectors

  • Password resets issued by hacker.
  • Forged mails with reset links in.

Aims

  • Users do not like automatically generated passwords
  • Sending a new password or a one-time password/code in an email is insecure
  • The password reset link inside the email will only be used:
    • For a short period of time (e.g. 48 hours)
    • Until such time as the password has been reset
  • The password reset link will be secure, and any modification must be detectable
    • The user's mailbox may be compromised in the future; the link must not be modifiable (e.g. by changing the username, timestamp etc)

Process

There are two possible initiators:

  • The user has forgotten their user name, or
  • The user has forgotten their password.

We do not need to care about which piece of information they have forgotten. We will use their registered email address to send them a link allowing them to set their password.

  • User clicks "I've forgotten my password"
  • The user is prompted for their email address.
  • A password-reset URL is generated.
  • The URL is emailed to the user's mailbox.
  • The user clicks the link
  • The URL is validated by the server
  • The user is presented with the customary two-password-boxes
  • The new password is saved
Retrieved from ‘http://wiki.darkmine.org/index.php?title=Password_reset_strategy&oldid=248