When writing a register.php page do you think it would be best to get php to crete the password and automatically email it to the user when they register or would it be best to allow the member to choose their own password when registering?
If you think one is better than the other can you specify why you think that?
It agree that it is far better to let the users/members choose their own password.
If security is an issue, just do some basic checks to make sure the password is of a specific length, has both letters and numbers, upper and lower case in it, etc. etc.
Many forums generate a password to check the email address is valid, then in the email that is sent to tell the user the password, contains instructions to change it to whatever the user wants.
I don't really like forums that force that, but if fake email addresses is an issue, it would be a good idea.
Thanks for the replies folks. I think i'll set it up to allow members to choose their own passwords. The reason behind it is because when they revisit they'll need to login again to get access to the lastest job posts.
The reason I thought about using PHP to generate the password was to make sure they entered a valid email address but I'll just use PHP to check if it's valid instead.
What they mean is they e-mail the server generated password to the user and they enter it to log on. So the email addy would have to be working for them to recieve the password.
Posting Permissions
Bookmarks