1

we usually send some verification link into email when users registered to verify users email. The link may look similar to 

http://www.example.com/register.php?id=12832&&unique_number=ij86435232as

it means that we have to store this unique number in our database to verify users identity.

I'm thinking that if we send user password into his email and tell them that

check your email , we sent your username and password

Because now we don't have to save additional unique number in our database , we are saving memory

so my question is that, is that anything wrong for this approach .

Inactive
  • 71
  • 10

1 Answers1

0

If you want your application to be considered secure, it's not wise to send plain-text passwords out via e-mail.

The amount of storage required to hold your unique number is trivial in the extreme, so I'd continue to do that.

Steve Morgan
  • 12,978
  • 2
  • 40
  • 49