Sign in confirm link best pratice?
https://stackoverflow.com/questions/7215617
-
14-01-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
as by title, which is the best way to build the sign in email confirm link?
i suppose id_user/23414/pass/md5(user password)
not? :P
Solution
You should create a token and assign it to the user - a guid or something. You shouldn't send the user id or the hashed password.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
