I have a question. I'm implementing a password recovery, then I thought: "What if a 'stranger' makes an unauthorized password recovery, changing someone's else password?" So, my first decision is: I'll set two fields in the 'user' table, called 'password' and 'temp_password'. If the real user asks for a password recovery, the new random password will be stored in 'temp_password' and an e-mail will be sent. In this way, a spiteful user won't change anyone else password and the e-mail owner can deny the password change attempt. Is that right? Thank you in advance for your help. Greetings
I would suggest you normalize this by storing the temp password in a separate table from your user table. Each user will most likely have multiple password recovery attempts during their lifetime and you'll want to store a record of each of those attempts for posterity.
If you keep the field in the user table, each subsequent request after the first password recovery request will override the previous one.
Make sure you have a column in this new table that indicates which request is currently active and have server side / database scripts that ensure only one row per user ID can have an active flag.