[OWASP_PHPSEC] Password Reset Controller

rahul chaudhary rahul300chaudhary400 at gmail.com
Tue Sep 10 13:42:39 UTC 2013


For linux I dont know any...first I used BoUML and it was a mess...can you
recommend some ?


On Tue, Sep 10, 2013 at 9:40 AM, Abbas Naderi <abiusx at owasp.org> wrote:

> Yeah, create a docs folder on the repo and put them there.
> Its a good idea to use a diagramming software, and not ms word though :D
> -A
>
> ______________________________________________________________
> *Notice:** *This message is *digitally signed*, its *source* and *
> integrity* are verifiable.
> If you mail client does not support S/MIME verification, it will display a
> file (smime.p7s), which includes the X.509 certificate and the signature
> body.  Read more at Certified E-Mail with Comodo and Thunderbird<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
> AbiusX.com
>
> On Sep 10, 2013, at 9:38 AM, rahul chaudhary <
> rahul300chaudhary400 at gmail.com> wrote:
>
> For forgot password, there will be another controller.
>
> Another question,
> Is there any place I can put all these controller diagram files. Its not
> good to pass them in email because if someone edits one controller and
> sends it back, it would be a mess to keep an updated list.
>
>
> On Tue, Sep 10, 2013 at 9:36 AM, Abbas Naderi <abiusx at owasp.org> wrote:
>
>> Don't forget to check for enumeration attacks. The URL for password
>> resetting should not have anything related to the user, yet you can not
>> expect the user to login for password reset (what if they have forgotten
>> password!?).
>> -Abbas
>>      ______________________________________________________________
>> *Notice:** *This message is *digitally signed*, its *source* and *
>> integrity* are verifiable.
>> If you mail client does not support S/MIME verification, it will display
>> a file (smime.p7s), which includes the X.509 certificate and the signature
>> body.  Read more at Certified E-Mail with Comodo and Thunderbird<http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in
>> AbiusX.com <http://abiusx.com/>
>>
>> On Sep 10, 2013, at 9:32 AM, rahul chaudhary <
>> rahul300chaudhary400 at gmail.com> wrote:
>>
>> Hello All,
>>
>> Here is the password reset controller. Take a peek.
>>
>> --
>> Regards,
>> Rahul Chaudhary
>> Ph - 412-519-9634
>>  <Password Reset Controller.docx>
>> _______________________________________________
>> OWASP_PHP_Security_Project mailing list
>> OWASP_PHP_Security_Project at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project
>>
>>
>>
>
>
> --
> Regards,
> Rahul Chaudhary
> Ph - 412-519-9634
>
>
>


-- 
Regards,
Rahul Chaudhary
Ph - 412-519-9634
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20130910/65152a99/attachment.html>


More information about the OWASP_PHP_Security_Project mailing list