On 10/8/07, Bill Fenner <[EMAIL PROTECTED]> wrote: > Which is an excellent way to partially lock someone out of the site, > by preemptively changing their pasword (and emailing them the new > one). This operation should really email a challenge URL which, if > visited, leads to a "set new password" page.
I don't get it. In order to receive the new password you have to be able to read the email, which means you have access to the email address associated with the account. If that's the case, nothing emailed to that address is safe. -- "Bureaucrat Conrad, you are technically correct -- the best kind of correct." --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
