Say a user registers on a site with an email address that needs to be verified first before accepting the user’s registration.
The general approach is to send an email to the email address provided. The user then checks his/her inbox and clicks a link that would tell the site that the email address is valid. Usually, the link would have some sort of code embedded in it that tells the site whether it’s a legit validation of the email address.
My question is about the code. What’s the best way to implement it? Some ideas:
- A random string is generated when a new address is entered into the site. This random string is stored in the the DB and then emailed to the registrant. The link in the email will contain the random string as part of the URL.
- The email addressed is hashed. This means nothing needs to be saved in the database because the application will know how to unhash this. (My concern with this approach is if the user later changes his email address to something he previously entered, the hash would be the same. Not sure if this poses some sort of security threat.)
- Some other approach?
I’m looking for general advice to this problem.
Number one, the random string, is the safest (and AFAIK, the most common) way to go: It makes it completely impossible to maliciously do things to E-Mail addresses that I haven’t received the E-Mail for.
Also, you can remove the random string after successful completion, making it clear that that particular address doesn’t need activation any more.