Question
We currently have what I believe to be a pretty standard scheme for dealing with password resets. Our reset links are single-use links: They expire immediately after they've been visited, even if the user doesn't actually reset their password.
However, our customers are predominately (99%) businesses with aggressive spam filtering. In particular, some of our biggest customers (school districts) have spam filters in place that perform link-scanning. They visit [up to N] links in an email as part of their algorithms. When users request a password reset, the links are "expired" by the spam filter's visit before the user sees them.
Are there any alternatives to the single-use link that are equally secure? Or that are secure enough to fall within the realm of acceptable practices?
We also need to consider usability. Our customers are generally about as non-technical as you can get. So ideally, the password reset procedure won't become [much] more complicated for the user.
Explanation / Answer
As always, you have to consider the value of the asset you're attempting to protect in order to properly assess if a security procedure is adequate or not. Typically, you'll be willing to accept lower usability when the value of your asset is high.
This means that it's impossible for anyone other than yourself to estimate whether a given solution is secure enough.
That being said, a simple way to solve your issue is not to have your links expire immediately but have them expire after a period of time OR when the password has been reset (whichever comes first).
In order to decide whether this is secure enough for you, and assuming you're satisfied with your current setup, you will need to consider the following changes:
The same link can now be reused several times. This potentially weakens the security of the system.
However, you are currently working on an assumption that is incorrect: the first person to visit a link is the legitimate user. It's clearly not the case (as you've noticed). The consequence is that you're not really increasing the overall security by having the link expire immediately after first access.
So, in my opinion, changing the way your access token expires seems like a better solution: you're increasing usability without impacting the overall system security.
You might, however, consider including some second-level validation in the page you land on when using your reset link. Something that will somehow improve your confidence in the user's identity (typically, a "security question" is used, although that model is not very good).
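The expire-by-time-or-on-reset scheme the answer recommends, written out as an added example; this is not code from the question, the answer, or any product the asker runs. The class and function names, the 15-minute TTL, the injectable clock, and the sample user are all my assumptions. The key design point is that the GET that renders the form never changes state, so a mail scanner's pre-fetch leaves the link usable; only the POST that actually sets the password consumes the token, and that POST also retires any other outstanding tokens for the same user.

```python
import hashlib
import secrets
import time
from dataclasses import dataclass

# Hypothetical policy value (assumption): a reset link lives at most 15 minutes.
RESET_TTL_SECONDS = 15 * 60


@dataclass
class ResetToken:
    user_id: str
    expires_at: float
    consumed: bool = False


class ResetService:
    """Hypothetical reset-token store implementing the answer's scheme:
    a token stays valid until its TTL elapses OR the password is actually
    reset, whichever comes first. Merely visiting the link does not consume it."""

    def __init__(self, clock=time.time):
        self._clock = clock                          # injectable for deterministic tests
        self._tokens: dict[str, ResetToken] = {}     # sha256(token) -> record
        self.passwords: dict[str, str] = {}          # user_id -> password (stand-in for a DB)

    @staticmethod
    def _digest(raw: str) -> str:
        # Store only a hash of the token so a leaked table is not a list of live links.
        return hashlib.sha256(raw.encode()).hexdigest()

    def issue(self, user_id: str) -> str:
        raw = secrets.token_urlsafe(32)              # 256 bits of entropy in the URL
        self._tokens[self._digest(raw)] = ResetToken(user_id, self._clock() + RESET_TTL_SECONDS)
        return raw

    def _live(self, raw: str):
        rec = self._tokens.get(self._digest(raw))
        if rec is None or rec.consumed or self._clock() > rec.expires_at:
            return None
        return rec

    def view(self, raw: str) -> bool:
        """GET handler: only decide whether to render the form. No state change,
        so a spam filter's pre-fetch of the link is harmless."""
        return self._live(raw) is not None

    def reset(self, raw: str, new_password: str) -> bool:
        """POST handler: the one action that consumes the token."""
        rec = self._live(raw)
        if rec is None:
            return False
        rec.consumed = True
        # Also retire every other outstanding token for this user, so an older
        # link that is still inside its TTL cannot be used after the reset.
        for other in self._tokens.values():
            if other.user_id == rec.user_id:
                other.consumed = True
        self.passwords[rec.user_id] = new_password
        return True


def simulate_scanner_then_user():
    """Walk through the scenario from the question: the mail scanner visits
    the link first, then the real user resets. Returns the outcome of each step."""
    now = [1_000_000.0]                              # constructed fake clock
    svc = ResetService(clock=lambda: now[0])
    link = svc.issue("teacher@example.org")          # constructed sample user

    scanner_visit = svc.view(link)                   # link scanner fetches the URL
    now[0] += 5 * 60                                 # user opens the mail five minutes later
    user_visit = svc.view(link)
    user_reset = svc.reset(link, "correct horse battery staple")
    second_use = svc.reset(link, "second-attempt")   # same link after the reset
    return {"scanner_visit": scanner_visit, "user_visit": user_visit,
            "user_reset": user_reset, "second_use": second_use}


def simulate_expiry():
    """A link that nobody uses within the TTL dies on its own."""
    now = [1_000_000.0]
    svc = ResetService(clock=lambda: now[0])
    link = svc.issue("teacher@example.org")
    now[0] += RESET_TTL_SECONDS + 1
    return svc.view(link), svc.reset(link, "too late")


if __name__ == "__main__":
    print(simulate_scanner_then_user())   # scanner and user both see the form; only one reset succeeds
    print(simulate_expiry())              # (False, False)
```

Any real deployment would back `_tokens` and `passwords` with a database and hash the password before storing it; those parts are deliberately left as in-memory stand-ins so the token lifecycle is the only thing the example shows.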