On 06/29/2011 12:01 PM, Daniel Moisset wrote:
django.auth already provides a password reset mechanism, where users
can get a password reset link.
So, woudn't this work for you?:
1) Create users with a large random password. Destroy every copy of the password
2) Use the reset password feature with their email to force it to set
an initial value
That way you never send them actual passwords, and the only passwords
they can use are the ones they set.
all of this works with no additional support needed from django
D.
That would work, and I'd recommend using the provided
set_unusable_password method instead of setting a random password for
additional security.
--
You received this message because you are subscribed to the Google Groups "Django
developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
