Author

Topic: Password reset versus password changed - time duration of log (Read 186 times)

sr. member
Activity: 462
Merit: 254
Password reset is shown for 30 days at trust page. Password change only three days.
But I don't understand that. Shouldn't it be opposite or at least same time shown?
When an account is hacked, then mostly when password is too weak, used also in other sites or account data are leaked. So in my opinion, for the case, that account is hacked,  the probability is higher, that a password will be changed than being reset. Password reset requires, that the hacker also has access to the email.
But mostly, I think, password reset is done, when one forgot password, like me actually.
So I would suggest to show password change 30 days and reset three days or both thirty days or both three days.
Jump to: