views:

79

answers:

1

I friend of mine just posted on Buzz a question:

When you hit "Forgot your password" in most of the pages, they will send you an email with a link (most of the time it will expire after sometime) to reset your pass. In most cases that link includes something like a UUID. Is there a name for this technique? Making an expirable url / link? The way I will do this is just generating a UUID, or something simpler and doing all the expire stuff programmatically. I'm wondering if there is a name for this kind of technique?

After reading his question, I'm now curious about the same, this technique already got a name, or better, it's already considered as a pattern for the global community?

+1  A: 

You can call this Self-service password reset with authentication token.


Resources :

Colin Hebert