Posted 11 days ago. Visible to the public.

Best Practice: Creating User Accounts Without Sending the Password

In applications without a sign-up, user accounts are usually created by an admin. This imposes two challenges:

  • How to transmit the password securely and
  • How to make the user change the initial password immediately

There is a simple solution: create the account with a secret password, then ask the user to use the password reset with his user name.

Growing Rails Applications in Practice
Check out our new e-book:
Learn to structure large Ruby on Rails codebases with the tools you already know and love.

Owner of this card:

Avatar
Dominik Schöler
Last edit:
11 days ago
by Dominik Schöler
About this deck:
We are makandra and do test-driven, agile Ruby on Rails software development.
License for source code
Posted by Dominik Schöler to makandra dev
This website uses cookies to improve usability and analyze traffic.
Accept or learn more