Sending Usernames And Passwords

Because of the recent vulnerability, a lot of sensitive information needs to be changed on servers and carts. I manage a lot of carts and servers and will need to send my clients the new information. What is the best way to send this? Usually it isn’t a big deal since the client sends me info and I send it back, but it is pretty limited and usually only one client here and there. Obviously this effects everyone and since I have quite a few clients, I will need to send a lot of info.

I’ve used SpashID before with a client, but you have to purchase their software to be able to use it. Plus, it kind of sucks to have to use.

How would you guys recommend me sending all of my clients their new information?



I am thinking that users should use the forget password function.

Use a script to trash all user passwords. Then send an email to all users explaining the situation and to log in they need enter their email and use forget password to enter a new password for themselves.

I'm not talking about the customers. I'm talking about resetting the server passwords, cPanel passwords, ftp passwords, etc.



I use:

It's a read-once and it's gone approach. Seems to be very secure and easy to use. Someone can either send a link that can be used once or a password that can be used once. Seems that the password approach is counterproductive so I always use the link.

I have used same thing as Tony's link.