How to make a forgot password function

Question

1.00/5 (2 votes)

See more:

How can I make a forgot password function to my social media website?

What I have tried:

I have tried to find Out how to make a forgot password function but I haven't find anything. And I Don't know how to set it In my code if I find it out.

Posted 11-Jun-18 22:32pm

Programming Program

Updated 2-Jul-18 5:46am

Add a Solution

3 solutions

Solution 2

Not knowing how to make a function could be a valid question and the first answer, by OriginalGriff gives you a lot of insight as to what should be considered, along with a flow.

I don't think that solves your problems as you added "

Quote:
And I Don't know how to set it In my code if I find it out.

leads me suspect you don't have any idea about how to use php at all. I suggest strongly that you got to this site and learn: PHP 5 Tutorial[^]

It's as though you asked 'what do I need to make soup', followed by a question like 'how do I cook'?

Posted 12-Jun-18 2:10am

W∴ Balboos, GHB

Solution 3

if passwords are saved in mysql database, then at every login there will be a button for forget password or reset password. on backend the function for this button will have a account verification against database and if the account exists, the text in new password textbox will replace the old password in database

Posted 2-Jul-18 5:46am

muhammad sufiyan

Comments

Richard MacCutchan 2-Jul-18 11:51am

And how will that verify that the person setting the new password is the real user?

muhammad sufiyan 2-Jul-18 11:56am

when a user will create a new account, he will add a unique username/ID which only he will know. by the time of resetting password, this unique username/ID will be asked for authentication, which will verify the user's authentication

CHill60 3-Jul-18 7:21am

usernames and IDs can be discovered or broken. You should also never store passwords on the database. This is a very bad solution, even when clarified

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

OriginalGriff · Accepted Answer · 2018-06-11T23:20:00

Hopefully, you aren't storing the passwords either in plain text (very, very bad) or encrypted (still verry, very bad) but hashed - in which case once the user forgets the password, nobody knows what it is, or how to "recover" it.
Instead, when they press "forgotten my password" you email a link to the registered email address which contains a GUID or similar to identify which link was pressed. You then look that GUID up in a "forgotten password" table which contains and expiry date and time, plus a link to the original account. If it's all ok, you reset the password to a random value, tell them the new password, delete the row from the "forgotten password" table and take them to a "change your password" page to let them enter a new one.

Sounds complicated? it isn't, not really. But it has to be done this way to prevent me "stealing" your account!