This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:Forgot Password Cheat Sheet

From OWASP
Revision as of 21:21, 2 September 2015 by Jmanico (talk | contribs)

Jump to: navigation, search

Logging

I'm surprised to see that logging isn't a consideration in password reset functionality. Knowing that users attempted a password reset, whether the reset was successful or failed, recording details of reset sessions including IP address and other details would all seem like great suggestions.

More on Logging

I think adding logging info like you described is a good idea. Go ahead and add it in!

- Jim Manico Sept 2, 2015

Retrieved from "https://wiki.owasp.org/index.php?title=Talk:Forgot_Password_Cheat_Sheet&oldid=199901"