Home/ Questions/Q 6711269
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T08:07:11+00:00

Could anyone please provide resources on how to reset password in Java web application

  • 0

Could anyone please provide resources on how to reset password in Java web application connected to db where password stored as hashed(password+salt+secretphrase)? I am also using Spring, so if it has something in this area please identify.

I know the general technique:

  1. “Password reset” button
  2. Ask user to confirm its identity – via entering email.
  3. Token is generated and send to mail adress. (how ? It is hash of what? which properties? how to send automatic mail message?-never done that before)

  4. User goes to token link provided webpage, where new password field awaiting.

    • Token has time validity, judging from other similar questions ideally few hours.
    • Don’t use security questions as they infinitely impractical.

What I am asking is some pseudo-code or example implementation on how to generate tokens and send token mails to users.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    When you say java, do you mean web application in java ?
    Your functionality needs a lot of different components.

    • For the password recovery, add a button in jsp which makes a call to servlet. That servlet should redirect to a new jsp which has field to enter email.
    • Once the enter the email and submits. The request should go to another servlet which makes a db call and verifies the email. If the email is valid, then you can generate a token. Token can be generated by the Math.random() function. Generate some bunch of numbers and using those numbers create a string. e.g. for creating an all alphabet string divide the number by 26 and choose the character based on the remainder.
    • Finally another jsp page which allows choosing a new password.

    You can use JavaMail api for sending emails.
    Spring framework has many components, you can use it for frontend, DB calls and for sending mail. You need to go through the documentation to learn about them.

    • 0