0

I need to make a forgotten password system, which works like this

  • User puts email in
  • Email sent to user with a link
  • Link goes to a one time page which allows the user to change their password

I understand about php mail() but haven't got the slightest clue how to make this work.

Thanks for any help in advance!

4
Contributors
4
Replies
38
Views
4 Years
Discussion Span
Last Post by Squidge
0

What usually happens is that you store the email address and a generated code in a database, which you use to create the link. When the user clicks the link, he is taken to a page that verifies the code against the database.

1

Just remember to NEVER send out the original password with the email, if they've forgotten it then that is the way it should remain.

Either generate a new random one for them, which they should change or are forced to change at their next login or with a link to a password reset field.

Edited by Octet

0

Deffinatley agree with AHarris.

User would need to use a "Forgot Password (I'm stupid) Link", where user name or email is used to validate against.

This then creates a random token string whcih is emailed as part of a URL where the user is then forced to reset password.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.