

Alcatel - Lucent email for resetting password - samikc

This is the mail that I got from Alcatel - Lucent:<p>Dear Applicant<p>We have recently enhanced our Alcatel-Lucent career platform to provide you with an easy access to hundreds of interesting and challenging job opportunities in our company.<p>To log in directly into our job search tool and browse and apply to our vacancies as well as to edit your existing candidate profile please follow this link: https://aluperf.taleo.net/careersection/10000/jobsearch.ftl?lang=en<p>If you had created a candidate account or submitted an application in the past to Alcatel-Lucent you will have to reset your password to access your personal information. Please click on ‘Sign in’ (link next to ‘My Job Cart’), and then follow the ‘forgot your password?’ link, you will be able to obtain a temporary access code via email which in turn will allow you to create your personal password and access your candidate profile.<p>For general information about working for Alcatel-Lucent please follow this link: http://www.alcatel-lucent.com/careers<p>Thank you for your interest in job opportunities at Alcatel-Lucent and for submitting your application details to us!<p>Alcatel-Lucent Recruitment Team<p>Look at the part:<p><i>If you had created a candidate account or submitted an application in the past to Alcatel-Lucent you will have to reset your password to access your personal information. </i><p>I mean, they don't even have a migration plan for user generated data. Or may be they didn't care.
======
ig1
It's not an unreasonable approach, if they wanted to migrate passwords they'd
have to modify the new system to support the hashing system used by the old
system.

In this case I'm guessing that they've outsourced the process to Taleo's SaaS
system so that's not feasible, but even if it would be it may well make sense
to take this approach. After all you should avoid modifying a tried-and-tested
authentication system whenever possible, you're just asking for security
vulnerabilities when you do so.

Getting users to go through a password reset process is a relatively painless
process.

