We have a system that uses password authentication to access a database; the usernames and encrypted passwords are stored in the database. When a user forgets their password (or the administrator leaves for greener pastures), we want to be able to generate a new password for the current administrator or generate a new administrator.
We deal with our clients via telephone support. So we want to use this scenario:
User rings up: forgotten password.
Client software generates a challenge code based on their site license.
User tells phone support staff the challenge code.
Phone support staff give a response code.
User enters challenge and response code, and goes in the backdoor (either a new user is created or the password of the current user is reset).
We want the challenge/response to only work once; we don't want to leave the backdoor open.
How should we go about it?
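One way to build the one-time challenge/response the question describes, as an added example that is not the poster's code: the client draws a fresh random nonce for every challenge, support computes a truncated HMAC of that exact challenge, and the client consumes the challenge on success (or after a few typos, or after a time limit), so the same response can never be replayed. It assumes a vendor master key held only by support, a per-site key derived from it and embedded in the client alongside its license, HMAC-SHA256 truncated to ten base32 characters, and the license id `SITE-4421` and master key below, all of which are constructed for this example.

```python
import base64
import hashlib
import hmac
import secrets
import time
from typing import Optional

RESPONSE_LEN = 10        # base32 characters read back over the phone
CHALLENGE_TTL = 15 * 60  # seconds a pending challenge stays valid
MAX_ATTEMPTS = 3         # typos allowed before the challenge is burnt


def derive_site_key(master_key: bytes, license_id: str) -> bytes:
    """Per-site secret. Support derives it from the vendor master key;
    the client is assumed to ship with its own copy alongside its license."""
    return hmac.new(master_key, license_id.encode(), hashlib.sha256).digest()


def _grouped(code: str) -> str:
    """Split a code into 4-character groups so it is easy to read aloud."""
    return "-".join(code[i:i + 4] for i in range(0, len(code), 4))


def normalize(code: str) -> str:
    """Accept codes typed with or without dashes/spaces, in any case."""
    return code.replace("-", "").replace(" ", "").upper()


def compute_response(site_key: bytes, challenge: str) -> str:
    """Response = truncated HMAC over the normalized challenge string."""
    mac = hmac.new(site_key, normalize(challenge).encode(), hashlib.sha256).digest()
    code = base64.b32encode(mac).decode()[:RESPONSE_LEN]
    return _grouped(code)


def support_response(master_key: bytes, challenge: str) -> str:
    """What the phone-support tool computes from the code the user reads out.
    The challenge carries the license id so support can derive the site key."""
    license_id, _sep, _nonce = challenge.partition(":")
    return compute_response(derive_site_key(master_key, license_id), challenge)


class ClientResetState:
    """Client-side state for the password-reset backdoor (hypothetical class)."""

    def __init__(self, license_id: str, site_key: bytes, clock=time.time):
        self.license_id = license_id
        self.site_key = site_key
        self.clock = clock          # injectable for testing expiry
        self.pending = None         # [challenge, issued_at, attempts_left]

    def new_challenge(self, nonce: Optional[bytes] = None) -> str:
        """Fresh random nonce each time, so an old response is never valid again."""
        nonce = nonce if nonce is not None else secrets.token_bytes(5)
        code = base64.b32encode(nonce).decode().rstrip("=")
        challenge = f"{self.license_id}:{_grouped(code)}"
        self.pending = [challenge, self.clock(), MAX_ATTEMPTS]
        return challenge

    def redeem(self, response: str) -> bool:
        """True exactly once per challenge; expiry or too many bad tries burns it."""
        if self.pending is None:
            return False
        challenge, issued_at, attempts_left = self.pending
        if self.clock() - issued_at > CHALLENGE_TTL:
            self.pending = None
            return False
        expected = normalize(compute_response(self.site_key, challenge))
        if hmac.compare_digest(expected, normalize(response)):
            self.pending = None      # consumed: no second reset on this code
            return True
        attempts_left -= 1
        self.pending = None if attempts_left == 0 else [challenge, issued_at, attempts_left]
        return False


if __name__ == "__main__":
    master = b"vendor-master-key-constructed-for-example"
    client = ClientResetState("SITE-4421", derive_site_key(master, "SITE-4421"))
    challenge = client.new_challenge()          # user reads this out
    response = support_response(master, challenge)  # support reads this back
    print(challenge, "->", response, "first use:", client.redeem(response),
          "second use:", client.redeem(response))
```

The one-time property comes from the random nonce plus the client forgetting the challenge once it has been redeemed, so the backdoor is open only for the window between generating the challenge and entering the response. The obvious caveat is that the per-site key lives inside the client, so anyone who can extract it from the binary or license file can compute responses without calling support; if that matters for your threat model, have support sign the challenge with a private key and embed only the public key in the client, at the cost of a longer response code to read over the phone.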