To answer this question, let's go through each option:
Option A) We should first ask the user to supply some details like personal details or ask a hint question. If the credentials supplied are correct, display the old password.
This option is incorrect because displaying the old password directly to the user is not secure. It can potentially expose the password to unauthorized individuals.
Option B) We should first ask the user to supply some details like personal details or ask a hint question. If the credentials supplied are correct and the account is not disabled, display the old password.
Similar to Option A, this option is also incorrect because it involves displaying the old password directly to the user, which is not secure.
Option C) We should first ask the user to supply some details like personal details or ask a hint question. If the credentials supplied are correct and the account is not disabled, then we should send an email to the user's authorized email ID with a link which will allow them to reset their password.
This option is the most secure way to design the Forgot Password feature. Instead of displaying the password directly, it involves sending a password reset link to the user's authorized email ID. This ensures that only the authorized user can reset their password.
Option D) We should first ask the user to supply some details like personal details or ask a hint question. If the credentials supplied are correct and the account is not disabled, display the new password.
Similar to Option A and B, this option is also incorrect because it involves displaying the password directly to the user. Displaying the new password without any additional security measures can potentially expose the password to unauthorized individuals.
Therefore, the correct answer is Option C. This option is the most secure way to design the Forgot Password feature as it involves sending a password reset link to the user's authorized email ID.