|
|
|
|
|
|
by _ud4a
5261 days ago
|
|
|
as it was previously mentioned, i don't see the need to send any passwords to the user to begin with. you can just follow this flow:
1) Port all the username and password to the new site and hash the passwords
2) update the login mechanism to check against the hash password
3) send a note out to users saying "we've upgraded our site to a new system. You can still use your old credential to login with no problem. if you've forgotten your password use our "Password recovery" feature." then users can login just as they would before and the transition would be transparent. and if they've forgotten their password they can use the recovery feature on your site which would generate a new one for them. |
|
|