Security QA for Forgotten Password
This is an old revision of the document!
Have you ever noticed that some websites require you to supply them with a security question and answer for your account? If you forget your password, you are required to provide those credentials in order to retrieve a new password. This protects customer information and ensures that the original creator of the account will always have a way of getting their account back (if their account had been hacked/stolen).
In this tutorial, I’m going to explain how to add those two fields to the registration page and require them to be provided on the forgot password page - where they the information will be validated.
Please open the following files, as we will be working with them: