Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Implementing password expiry using sessions  RSS feed

 
Parsuram Samal
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
actually i am developing a banking project in which user's password will expire after say 7 days and they will be notified to change their password.How to do it ? Just give the logic. Thanks in advance
From Parsuram
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Welcome to Javaranch

Parsuram Samal wrote: Please give a small piece of code.


No. please read NotACodeMill .

by the way : notify the user after 7 days through Scheduler. I would use Quartz API which is free to use .
 
David Newton
Author
Rancher
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Seven days? Man, if I had to change my password every seven days, I'd change my bank in one.
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Seems to me that enforcing frequent PW changing is exactly what you don't want.

The reason being that this will push people toward easily remembered (and thus easily broken) PWs -or- to writing down the passwords where they can be stolen.

Instead, enforce rules on length, etc and push the users toward better PW management. Expiring PWs to prevent zombie accounts, sure but just renew the PW not change it.

Bill

 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!