I just got an idea and I thought of blogging it. Its relates to the ubiquitous Forgot password page on almost all the web services.
Currently sites ask you for your login id/email id and then either email you the password in clear text or send you a link from where you can reset your password. Most of the times you have to prove that you are human through a captcha.
The above interaction involves a lot of steps and frustrates me to no end as I keep on forgetting passwords all the time.
My idea is simple. In case the user's registered email id is any of the email services like Google, Yahoo, Hotmail, (i.e. a service which supports OAuth/OpenID), the webservice can simply ask the user to authenticate herself and immediately open up a form to reset the password. Wow.
Feedback please :)
