Is it a good idea to only require an email address from users at signup (without a password or other details)? After they sign up, we will send a random password to their email address; this password can be customised after the user logs in.
Are there any possible downsides to doing this?
Answer
Emailing the password exposes it, since it is sent as unencrypted text.
If you do email the password, make sure the user changes it during the first login.
Alternatively, you could send a link to a continue page where the user can choose a password. This link has to have a time limit, since the link is also sent as unencrypted text.
You can use the same technique for resetting the password if the user forgets it.
Even if you do ask the user for a password during signup (this is the most secure out of the two options), sending an email for confirming the email address prior to enabling the account is a good idea (prevents others from signing up using your email address). This email should have a deadline (e.g. an hour or one day), so that the account will be cancelled if the email address is not confirmed. This will also enable signing up with the same user name but using the correct email address after the timeout.
Also, you may want to consider letting the user fill additional fields e.g. a display name or user name either before sending the email or after the email has been received.
No comments:
Post a Comment