How to give pwd reset link an expiration time?
How to give pwd reset link an expiration time?
(OP)
Hello
I am groping in the dark a little here.
I am hoping to put together some code whereby a user receives a link in his inbox to reset his password.
Following a couple of (outdated) tutorials, I have this in my code:
Should this strBody be a column in my Access database (not clear from the tutorial), and would the uniqueCode be displayed in a column like
this?

If so, how would I give the link a lifespan of X hours?
Many thanks.
I am groping in the dark a little here.
I am hoping to put together some code whereby a user receives a link in his inbox to reset his password.
Following a couple of (outdated) tutorials, I have this in my code:
CODE
cmd = New OleDbCommand("UPDATE university SET uniqueCode=@uniqueCode where strEmail = @strEmail", conn) cmd.Parameters.AddWithValue("@uniqueCode", uniqueCode) cmd.Parameters.AddWithValue("@strEmail", strEmail.Text.Trim()) End If Dim strBody As New StringBuilder() strBody.Append("<a href=http://localhost:2464/SampleApplication/ResetPasswordVB.aspx?emailId=" + strEmail.Text & "&uniqueCode=" & uniqueCode & ">Click here to reset your password</a>")
Should this strBody be a column in my Access database (not clear from the tutorial), and would the uniqueCode be displayed in a column like
this?

If so, how would I give the link a lifespan of X hours?
Many thanks.
RE: How to give pwd reset link an expiration time?
Then when you go to the page, you grab that value and look it up in your table.
To add the expiration time, you can add a column to your table that has a datetime column. This value would be set when you insert the row into the table.
Once you get the row you are looking for, compare the current time with the datetime in the expiration column.
Also, on another note, you should never save your passwords as plain text. This is a major security issue. If someone were to hack your DB, they would have everyone's user name and password.
RE: How to give pwd reset link an expiration time?
Thanks for replying.
Once the site is up and running the passwords will be hashed/salted.
Do you mean that adjacent to the uniqueCode column, I would have another column called, let's say, timeLimit, and that the whole column is a DateTime columm whose properties, I think, are set in Design view?
Thanks again.
RE: How to give pwd reset link an expiration time?
Then you can use that column to compare to the current date/time to see if it has expired.
RE: How to give pwd reset link an expiration time?
OK. Thanks. I am not sure I would be able to code that!
I would need to display another message to the user that the X amount of hours had expired.