Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Basically when a user wishes to recover their password, I generate a hash and store it in a MySQL Database. I do not want this hash to exist forever though, but to be removed from the database after say 5 minutes.
Does anyone know how to do this?
Also if anyone has any ideas about implementing password recovery in a different way I would love to hear.
Thanks in advance, Tom.
Next to the hash, store a date with it. Whenever that date is in the past, the recovery key doesn’t work anymore.
No need to actually delete the key then
edit based on comments:
You should run a cronjob every now and then. For example once a day, to delete the keys not used, and already expired.