The frequent mistake in these kinds of password-recovery solutions is that the application allows the user to request an email containing his password in clear text. This is a dire security flaw related to the database design, and it leads to several security risks that could allow unauthorized people to gain privileged access to the application.
Let’s explore these risks in the following sections, assuming our example bug-tracking database has a table Accounts, where each user’s account is stored as a row in this table.
A password is typically stored in the Accounts table as a string attribute column:
CREATE TABLE Accounts (
account_id SERIAL ...