So on my site, users can sign up and if they happen to forget their password, they can fill in their username or email address and the backend resets their password to a random one and emails it to them - if they exist in the database.
Would it be better to do the following though?
- User enters their username/email and requests their password be reset.
- Web site sends them an email asking if they really want to and encloses a unique hash in a URL.
- User can then click this URL if they really do want to reset their password.
- Password is reset and they are sent an email telling them the password.
I thought this idea would be better, as you could have a malicious user on your site continually resetting everyone's passwords and then the "innocent" users wouldn't be able to access the site until they've checked their email and got their new password, gone on to the site, logged in and then changed their password. Bit of hassle for the users.
Is this the way that most user sites work with password resetting?
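
The confirm-before-reset flow listed in the question, sketched as an added example that is not part of the original post. The in-memory `USERS` and `PENDING` stores, the function names, the 30-minute link lifetime and the `example.test` URL are assumptions made for illustration.

```python
import hashlib
import secrets
import time

TOKEN_TTL = 30 * 60   # assumed lifetime of a reset link, in seconds

# Constructed in-memory stand-ins for the site's database tables.
USERS = {"alice": {"email": "alice@example.test", "salt": b"", "pw_hash": b"old"}}
PENDING = {}          # sha256(token) -> (username, expiry timestamp)


def _digest(token):
    # Only a digest of the token is stored, never the token itself.
    return hashlib.sha256(token.encode()).hexdigest()


def request_reset(identifier, now=None):
    """Steps 1-2: build the emailed link; the stored password is NOT changed."""
    now = time.time() if now is None else now
    user = next((u for u, rec in USERS.items()
                 if identifier in (u, rec["email"])), None)
    if user is None:
        return None   # the page shown to the requester is the same either way
    # A new request replaces any earlier pending link for the same user.
    for key in [k for k, (u, _) in PENDING.items() if u == user]:
        del PENDING[key]
    token = secrets.token_urlsafe(32)
    PENDING[_digest(token)] = (user, now + TOKEN_TTL)
    return f"https://example.test/reset?token={token}"


def confirm_reset(token, now=None):
    """Steps 3-4: the link was clicked; reset only if the token is valid."""
    now = time.time() if now is None else now
    entry = PENDING.pop(_digest(token), None)   # pop makes the link single-use
    if entry is None or now > entry[1]:
        return None                             # unknown, reused or expired
    user = entry[0]
    new_password = secrets.token_urlsafe(12)
    salt = secrets.token_bytes(16)
    USERS[user].update(salt=salt, pw_hash=hashlib.pbkdf2_hmac(
        "sha256", new_password.encode(), salt, 100_000))
    return user, new_password                   # emailed as in the last step
```

A reset request on its own leaves the account untouched, so repeated requests by someone else only produce unused emails rather than locking the real user out.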