Charles Lau dot Com

I was trying to log into a website which I have entered quite some time ago. I somehow couldn’t login, probably because of my incorrect username or password. I was happy to see “Forgot Password” link as always. I went in, and I was asked my username and email. I gladly entered them, and on the next page I was stunned there! So, what is my answer to that secret question?? So I have also forgotten that answer, now what?

Sometimes, these website owners couldn’t understand the feeling of the consumers. We are all human beings, and we have to understand numerous passwords everyday. Nevertheless, it has become natural for many of us to use the same password everywhere we go. It is still however a loophole there if your website owner isn’t a good guy afterall! If he knows which other websites you have gone to, we can all imagine what he can do to your many other websites’ accounts…

Most of the websites have now removed away the password challenge by asking the intruder a question for their identity. Now, they have done it in another way. For example, I personally like the WordPress style of password challenge. If I forgot my password, all I need to do is

1. to key in my username and email. That authentication is pretty good enough because I have to remember both my username and email used.
2. Then, I am emailed of a link to click. So I check my email and click it.
3. Then, I am emailed again. This time round, it is my new password!

Isn’t that sweet? Instead of remembering my answer to your question, I just have to remember my username and email used. And to check my email for that extra security to ensure I am the actual one! If not, the email owner will simply ignore it since it will not change the settings anyway.