An attacker may take advantage of the application feature to help users
						recover their forgotten passwords in order to gain access into the system
						with the same privileges as the original user. Generally password recovery
						schemes tend to be weak and insecure. Most of them use only one security
						question . For instance, mother's maiden name tends to be a fairly popular
						one. Unfortunately in many cases this information is not very hard to find,
						especially if the attacker knows the legitimate user.