Hacker News
by StavrosK 2345 days ago
In a previous job I implemented a recovery page with a long random key (also posted as a QR code) that you could print out and use as an emergency password reset if ever required. You'd scan the QR code and it would take you to a page where you could set a new password directly.

This, coupled with an "I know what I'm doing, never let support reset my password" option that disabled changing the user's password for anyone without direct write access to the production database, was pretty good for security, I feel.
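A minimal sketch of the scheme described in the comment above, added here as an illustration and not the commenter's implementation. The URL, the field and function names, storing only a digest of the key, carrying the key in the URL fragment, and making the key single-use are all assumptions of this example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

RESET_URL = "https://example.invalid/recover"  # placeholder, not from the post

@dataclass
class Account:
    salt: bytes = field(default_factory=lambda: secrets.token_bytes(16))
    password_hash: bytes = b""
    recovery_hash: Optional[bytes] = None  # only a digest of the key is stored
    support_reset_locked: bool = False     # the "never let support reset" option

def _kdf(acct: Account, password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), acct.salt, 600_000)

def set_password(acct: Account, password: str) -> None:
    acct.password_hash = _kdf(acct, password)

def check_password(acct: Account, password: str) -> bool:
    return hmac.compare_digest(acct.password_hash, _kdf(acct, password))

def issue_recovery_key(acct: Account) -> str:
    """Return the URL to print or encode as a QR code; it is shown only once."""
    key = secrets.token_urlsafe(32)  # 256 bits of randomness
    # The key is high-entropy, so a plain SHA-256 digest is enough at rest.
    acct.recovery_hash = hashlib.sha256(key.encode()).digest()
    # Assumption: the key rides in the fragment so it stays out of server logs.
    return f"{RESET_URL}#{key}"

def reset_with_recovery_key(acct: Account, key: str, new_password: str) -> bool:
    if acct.recovery_hash is None:
        return False
    presented = hashlib.sha256(key.encode()).digest()
    if not hmac.compare_digest(acct.recovery_hash, presented):
        return False
    set_password(acct, new_password)
    acct.recovery_hash = None  # assumption: single use, a new key must be issued
    return True

def support_reset(acct: Account, new_password: str) -> bool:
    """Reset path used by support staff; refused when the user opted out."""
    if acct.support_reset_locked:
        return False
    set_password(acct, new_password)
    return True
```

With the lock set, the printed key is the only application-level way back into the account, so issuing a replacement key after each use matters.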