An Integrated Mechanism for Resetting Passwords in Web Applications

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

It is very common for people to forget their passwords and request to reset their password through web browsers. This leads to the critical question of how a software developer should simply and safely store and change a user's password for a web application. When an application stores a user's password in a database, the password must be encrypted so nobody can query the fields and see the original value. It is bad design to send or display the original password to the user when a user resets their password, as the information could be seen or intercepted. On the other hand, it is also inconvenient that users must memorize additional information in the form of security questions when attempting to reset the password. When resetting a password, it is better to use a user's basic personal information and email or text them a reset URL link with encrypted codes. This paper presents an integrated mechanism that utilizes PHP and MySQL functions to reset user passwords and improve the security for resetting passwords. The method can also protect the database from being attacked by reducing unnecessary access to the database. A case study is discussed in this paper.

Original language: English
Title of host publication: Proceedings - 2017 International Conference on Computational Science and Computational Intelligence, CSCI 2017
Editors: Fernando G. Tinetti, Quoc-Nam Tran, Leonidas Deligiannidis, Mary Qu Yang, Hamid R. Arabnia
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 50-54
Number of pages: 5
ISBN (Electronic): 9781538626528
State: Published - 4 Dec 2018
Event: 2017 International Conference on Computational Science and Computational Intelligence, CSCI 2017 - Las Vegas, United States
Duration: 14 Dec 2017 to 16 Dec 2017

Publication series

Name: Proceedings - 2017 International Conference on Computational Science and Computational Intelligence, CSCI 2017

Conference

Conference: 2017 International Conference on Computational Science and Computational Intelligence, CSCI 2017
Country/Territory: United States
City: Las Vegas
Period: 14/12/17 to 16/12/17

Keywords

  • database
  • MySQL
  • password
  • PHP
  • security
  • Web Application
