Earlier comment is correct that you shouldn't email a password. It's actually not necessary, or even possible. The stored version is a "one way hash" -- which is not reversible; there's no way to get the password from the hash -- and you (should) only have access to the hashed value. (Obviously it could be hacked to store the value un-hashed... but don't do that :-)
The user should know the password if they just created it. And if they've forgotten, then just send them a Reset link.
A system admin should never have access to the passwords of any of the system's users... in fact, that's the (US) law (Sarbanes-Oxley) in many types of applications, e.g. financial transaction site of any publicly traded company.
Hello,--
after successful registration of the user, how to send personal information (password) to the user in emails? I personally use send_mass_mail. But I have a problem that the password is not in text, but it's in the "encrypted" form.
I do not know how to send user's data but now they need it, and I have not found documentation on how easily I can get the password to display the text format.
I use this shape:
message = 'Hi, registration date:' + 'Your name:' + user.username + 'Your password:' + user.password
....
email.send ()
Thanks for any advice!
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/3bc6d503-20ef-4002-b291-753d83786dfd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment