How to Implement Password Resets?

Question

I\'m working on an application in ASP.NET, and was wondering specifically how I could implement a Password Reset function if I wanted to roll my own.

S

Answer 1

1) For generating the unique id you could use Secure Hash Algorithm. 2) timer attached? Did you mean an Expiry for the reset pwd link? Yes you can have an Expiry set 3) You can ask for some more information other than the emailId to validate.. Like date of birth or some security questions 4) You could also generate random characters and ask to enter that also along with the request.. to make sure the password request is not automated by some spyware or things like that..