-
Dec 4th, 2012, 05:16 PM
#1
Thinking of using this technique to allow for initial user authentication
We want to send a regular "letter" in the regular old postal carrier type of mail delivery method - to a bunch of users who we want to allow access to a secure web page.
They will login with the email address they have given to us - which we have marked in a CONTACT table for these individuals.
With that said - the letter does not need to include the EMAIL address - we can simply tell them to use the email they gave us.
The question becomes what do I tell them to use as a password? How bad of an idea is it to put a PASSWORD in this letter - and make it be the same INITIAL password for all these contacts that are going to be connecting??
Obviously I would "pre-expire" this initial password for each user - so they have to select a new one upon the initial login.
-
Dec 5th, 2012, 12:28 PM
#2
Re: Thinking of using this technique to allow for initial user authentication
Why not allow them to use the email address for both username and the initial password. At the first login require the password be changed before allowing any navigation to the rest of the site. This isn't very secure but it may be more so than sending a password.
-
Dec 5th, 2012, 12:48 PM
#3
Re: Thinking of using this technique to allow for initial user authentication
Wow - that is totally a psychic moment here - I was just thinking I could do that as well!
Seems better then making up a password. If they can't type there own email address twice - then I'm going to get a phone call for help anyway!
-
Dec 5th, 2012, 05:48 PM
#4
Re: Thinking of using this technique to allow for initial user authentication
If you're sending the username and password via e-mail, I would suggest sending two separate e-mails. One for the username and one for the password.
-
Dec 8th, 2012, 08:03 AM
#5
Re: Thinking of using this technique to allow for initial user authentication
We are using regular postal mail - snail mail.
Sending 600 emails to people with URL's and un's and pw's just gets you spam blocked - did that last year and learned a lesson.
We drafted a real letter - and an instruction page - and they go out next week.
We are going to use an email-blasting service to send updates and info to this contact group - let them deal with spam blocking and all that jazz.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|