Cas Eliëns
shared this idea
8 years ago
2
Votes
In the client area, customers can reset their password by clicking on a link in their email and entering the new password. This is not the case for the admin area, where a new password is generated and sent to the admin email.
I believe sending passwords in emails is a bad idea, since email is not a secure platform. Instead, I suggest that the admin password reset procedure is made similar to the client reset process, where the admin chooses their new password after clicking a link in their email, and then logins using the new password without it ever being sent in an email
I believe sending passwords in emails is a bad idea, since email is not a secure platform. Instead, I suggest that the admin password reset procedure is made similar to the client reset process, where the admin chooses their new password after clicking a link in their email, and then logins using the new password without it ever being sent in an email
Featured Comment