翻訳と辞書
Words near each other
・ Pastan
・ Pastanjauhantaa
・ Pastavy
・ Pastavy Raion
・ Password (video gaming)
・ Password Authenticated Key Exchange by Juggling
・ Password Authentication Protocol
・ Password bank
・ Password Change Notification Service
・ Password cracking
・ Password fatigue
・ Password Hashing Competition
・ Password length parameter
・ Password management
・ Password manager
Password notification email
・ Password Plus and Super Password
・ Password policy
・ Password psychology
・ Password Safe
・ Password strength
・ Password synchronization
・ Password-authenticated key agreement
・ Password-based cryptography
・ Passwords (band)
・ Passy
・ Passy (disambiguation)
・ Passy (Paris Métro)
・ Passy (surname)
・ Passy Cemetery


Dictionary Lists
翻訳と辞書 辞書検索 [ 開発暫定版 ]
スポンサード リンク

Password notification email : ウィキペディア英語版
Password notification email

Password notification email is a common password recovery technique used by websites. If a user forgets their password then a password notification email is sent containing enough information for the user to access their account again. This method of password retrieval relies on the assumption that only the legitimate owner of the account has access to the inbox for that particular email address.
The process is often initiated by the user clicking on a forgotten password link on the website where, after entering their username or email address, the password notification email would be automatically sent to the inbox of the account holder. Some websites allow the user to choose to include the password in every email sent from the website. This has the problem that all of the emails received must be treated with the same security as a password notification email.
The email sent could contain a new, temporary password for the account or a URL that can be followed to enter a new password for that account. The new password or the URL often contain a randomly generated string of text that can only be obtained by reading that particular email.
Another method used is to send all or part of the original password in the email. Sending only a few characters of the password, can help the user to remember their original password, without having to reveal the whole password to them.
==Security problems==
The main issue is that the contents of the password notification email can be easily discovered by anyone with access to the inbox of the account owner. This could be as a result of shoulder surfing or if the inbox itself is not password protected. The contents could then be used to compromise the security of the account. The user would therefore have the responsibility of either securely deleting the email or ensuring that its contents are not revealed to anyone else. A partial solution to this problem, is to cause any links contained within the email to expire after a period of time, making the email useless if it is not used quickly after it is sent.
One problem with sending the original password in the email is that the password contained within could be used to access other accounts used by the user, if that user had chosen to use the same password for two or more accounts.
Emails are often not secure so, unless the email had been encrypted prior to being sent, the contents could be read by anyone who eavesdrops on the email.

抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)
ウィキペディアで「Password notification email」の詳細全文を読む



スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.