Documentation
*Preface
*Introduction
*Versions
*Concepts
*Construction
*Usage
*Operations
  -Assignment
  -Bulk Load
  -Data Preparation...
  -Mail
  -Options
  -Privacy
  -Reset Password
  -Welcome
*Questions
*Settings
*Tutorial
*Internals
*Appendices
Information
Logon

Reset Password

Logon  receiveidleidle  find  Goto

Shortcut LastShow How to order | Version44

Passwords can be stored in the Users table in an unintelligible format (if PasswordHash is set on). This means that Passwords are NOT stored as normal characters/letters that a human can visually recognize. This also means that the site itself cannot actually "read" a stored password. As a result, the site cannot tell the User what the value of a "forgotten password" is.

The Reset Password mechanism provides a technique to permit a User to reset his/her own Password without Administrator intervention (see the Welcome action for a Reset Password action with Administrator involvement).

Here's how Reset Password works:

User responds to a series of personal questions

After initial logon or whenever the User would prefer, s/he clicks to Services: Questions and completes a questionaire of Administrator defined questions about his/her personal circumstances. These Password Reset responses are stored in the User's profile in the database for subsequent use (if necessary).

User forgets his/her Password

Whenever the User cannot get logged on because s/he has forgotten his/her password, s/he clicks to Logon: Reset Password to reset the password. This MUST be from a system that has previously been used to successfully logon as the User. If everything seems ok, the Site will:

  1. randomly select a few questions from the previously completed questionaire and present them to the User
  2. select a subset of the responses to the individual questions for presenting in a pulldown format
  3. the individual User's actual response may or MAY NOT be present in the pulldown (if not present, the User will have to select "None of these")

The User desiring to Reset Password must select the appropriate responses and click "Reset Password". If the responses do not match, an error message is issued and the Site will respond with a different set of questions.

The Responses properly match

If the responses do properly match, the Reset Password function will:

  1. dynamically create a random password and update the User's profile
  2. displays the new Password in the response page ONE TIME ONLY
  3. send an Email message to the User's PrimaryEmail warning him/her that a new Password has been set (the new Password is NOT sent, but only the fact that a new password was set)

  ICRA
Copyright © 2008 by RidgeStar Referees/webmaster@referees.biz
 RidgeStar