CodeCharge Studio
search Register Login  

Visual Web Reporting

Visually create Web Reports in PHP, ASP, .NET, Java, Perl and ColdFusion.

YesSoftware Forums -> CodeCharge -> Programming

 Hlp pls - New user password in email - Best Practice

Print topic Send  topic

Author Message

Posts: 76
Posted: 03/31/2006, 6:15 AM


Background on project
Although my database will only record a users name, email, address, username and password for the members area, I think it wise to encrypt the password field.
This I have done successfully. Before Update.

I have a welcome email which is excecuted from the sign-up page with custom code placed in After Insert

The Question

What's the best practice for sending a new users unencrypted password in the welcome email?

If the email is sent after successful insertion on the new user record the password is encrypted.

Should I create a temporary cookie with the unencrypted password and retrieve that for the email?
Should I create a Global variable for password field before encryption?

Am I not seeing a simple solution here?

All responses gratefully recieved

View profile  Send private message

Posts: 1712
Posted: 04/02/2006, 8:43 AM

When a user registers do they enter a password or do you assign one to them??

One idea would be to send them a system generated password that would force them to input thier own password once they signed on to the system.
View profile  Send private message

Posts: 76
Posted: 04/03/2006, 6:09 AM

Hi Mambo Brown,

Thanks for the reply.

I have them entering a password then confirmimg that password on the next row.

I have been considering your suggestion for last 24 hours. It has merit and for many projects it would be the solution. However, for this project I want to get new members landing on our free offers page after signup.

I have two groupid's for members. one for new sign-up and another for after they confirm that the email address supplied actually get's to their inbox (confirm via confirmation link in email)

So basically I am giving them limited access as an un-confirmed member and full access once confirmed.

I am thinking of using the confirm password field for the confirmation email because I am validating the two password fields before password field is encrypted.

So this thought lead to me posting this thread.

I am not sure for how long the values from form fields are available once the the form insert is executed. I'm guessing right up until the landing page is excecuted.

So today I will attempt to insert my email code in After Insert and I'll see.

Thanks again for your suggestion and taking the time to reply :-)
View profile  Send private message

Add new topic Subscribe to topic   

These are Community Forums for users to exchange information.
If you would like to obtain technical product help please visit

PHP Reports

Visually create Web Reports in PHP, ASP, .NET, Java, Perl and ColdFusion.

Home   |    Search   |    Members   |    Register   |    Login

Powered by UltraApps Forum created with CodeCharge Studio
Copyright 2003-2004 by  and YesSoftware, Inc.