I’m working on a web based system (PHP & MySQL) that has users who can log in. The problem is that all this has to be very secure. Now, I’ve read up on how to store passwords, we use an encrypted connection and lots of other safety measures are taken.
The last problem I need to solve is that the administrator who sets up accounts (ie. enters names and e-mail addresses) has to invite users to the application. He needs to be able send out a generated e-mail to a new user containing a link. If the user clicks that link he will be taken to the system and he will have to set up his password. What are best practices in sending these kinds of e-mails? I’m aware that I should use some sort of hash consisting of information about the particular user in order to make sure that the user who is at the page is actually the user that has clicked on the link. What other measures should I take?
Or would it be better to auto-generate a random password, e-mail that to the new user and let him change it after his first login?
IMO the best method would be to not generate a password but only a random hash which can be stored in either a separate table or with the users table. Following can be used as structures of tables:
Now whenever a user is added, the information is stored in the users table and an entry is generated in invites. The email that is sent contains a link like https://yoursite.com/user/activate.php?userid=x&hash=7a657ab435f4543543543543 If the userid and hash match, you ask the user to choose his/her password. If the password change is successful you change isactive to true.
A user account cannot be used unless the isactive value is true i.e. your queries will be of type ‘SELECT fields FROM users WHERE userid = $userid AND isactive = 1’. Also you may use the senton value in invites to check if a user has not accepted an invite, you may then send an email with the link again(let’s say after 3 days) and an option to decline the invite. If you still don’t get the user’s reply in 3 days, you automatically delete the invite.