|Posted by:||Homdax||Posted:||23/01-2014||Assigned To:||No user assigned|
|From my experience at work we have a few systems that do not allow a user to create their own password. The passwords are always generated given a certain complexity requirement.
We already have a password generation, hence I suggest we should apply it to the registration form, allowing a registering member to see the generated password (print it, save it or whatever) but not be allowed to input anything by themselves.
In order to facilitate storage of password I would recommend http://lastpass.info, http://keypass.org or http://identitysafe.norton.com , as examples.
Password reset works as usual of course.