I want to make an email confirmation registration, so that when the user registers he or she gets an email with a link to confirm it. The link being something like: www.site.com/confirm?id=34398df809as8df9 and then matching that with the UserId in the database from the standard aspnet membership provider. Does using the UserId as the GUID passed in the email pose any sort of vulnerability or security threat?
Is the GUID the only thing in the link? If so, that's absolutely not secure. It means that once an attacker has anyone's ID (e.g. by finding an old email) they can reset the user's password whenever they want.
A password reset link should at least include a single-use, time-limited token.
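One way to build such a single-use, time-limited token in C#, as an added example that is not part of the answer above or of the ASP.NET membership provider: the `ConfirmationTokenService` class, its in-memory dictionary (standing in for a database table) and the injected clock are all assumptions made for illustration. The link carries only the random token; the membership `UserId` is looked up server-side from the token, never placed in the URL, and only a SHA-256 of the token is stored, so a leaked copy of the store cannot be used to confirm anyone's account.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

// Added example: issues and redeems single-use, time-limited confirmation tokens.
// The dictionary below is a stand-in for a database table; a real app would persist
// (TokenHash, UserId, ExpiresUtc) alongside the membership users table.
public sealed class ConfirmationTokenService
{
    private sealed class Pending
    {
        public Guid UserId;
        public DateTime ExpiresUtc;
    }

    // Keyed by SHA-256(token): the store never holds the secret itself.
    private readonly Dictionary<string, Pending> _store = new Dictionary<string, Pending>();

    // Clock is injectable (assumption for this example) so expiry can be tested deterministically.
    private readonly Func<DateTime> _utcNow;

    public ConfirmationTokenService(Func<DateTime> utcNow = null)
    {
        _utcNow = utcNow ?? (() => DateTime.UtcNow);
    }

    // Returns the opaque token to embed in the link, e.g. /confirm?token=...
    // The UserId is deliberately NOT part of the link; Redeem() resolves it.
    public string Issue(Guid userId, TimeSpan lifetime)
    {
        var raw = new byte[32]; // 256 bits from the OS CSPRNG, not Guid.NewGuid()
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(raw);
        }
        string token = Base64UrlEncode(raw);
        _store[HashToken(token)] = new Pending { UserId = userId, ExpiresUtc = _utcNow() + lifetime };
        return token;
    }

    // Returns the confirmed UserId, or null if the token is unknown, already used or expired.
    public Guid? Redeem(string token)
    {
        if (string.IsNullOrEmpty(token)) return null;
        string key = HashToken(token);
        Pending entry;
        if (!_store.TryGetValue(key, out entry)) return null;
        _store.Remove(key);                     // single-use: consumed before the expiry check
        if (_utcNow() > entry.ExpiresUtc) return null;
        return entry.UserId;
    }

    private static string HashToken(string token)
    {
        using (var sha = SHA256.Create())
        {
            return Convert.ToBase64String(sha.ComputeHash(Encoding.ASCII.GetBytes(token)));
        }
    }

    private static string Base64UrlEncode(byte[] bytes)
    {
        return Convert.ToBase64String(bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    }
}

public static class Demo
{
    public static void Main()
    {
        var now = new DateTime(2024, 1, 1, 12, 0, 0, DateTimeKind.Utc); // constructed clock value
        var svc = new ConfirmationTokenService(() => now);
        Guid userId = Guid.NewGuid(); // the membership UserId, never exposed in the link

        string token = svc.Issue(userId, TimeSpan.FromHours(24));
        Console.WriteLine("link: https://www.site.com/confirm?token=" + token);

        Console.WriteLine(svc.Redeem(token) == userId); // True: first use confirms the account
        Console.WriteLine(svc.Redeem(token) == null);   // True: second use is rejected

        string stale = svc.Issue(userId, TimeSpan.FromHours(24));
        now = now.AddHours(25);                          // move the clock past the expiry
        Console.WriteLine(svc.Redeem(stale) == null);   // True: expired token is rejected
    }
}
```

The token is removed from the store before the expiry is checked, so an expired link cannot be retried later, and a confirmation handler should treat a null result from `Redeem` as a generic failure rather than telling the caller whether the token was unknown, used or expired.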