I need to make a forgotten password system, which works like this

  • User puts email in
  • Email sent to user with a link
  • Link goes to a one time page which allows the user to change their password

I understand about php mail() but haven't got the slightest clue how to make this work.

Thanks for any help in advance!

5 Years
Discussion Span
Last Post by Squidge

What usually happens is that you store the email address and a generated code in a database, which you use to create the link. When the user clicks the link, he is taken to a page that verifies the code against the database.


Just remember to NEVER send out the original password with the email, if they've forgotten it then that is the way it should remain.

Either generate a new random one for them, which they should change or are forced to change at their next login or with a link to a password reset field.

Edited by Octet


Deffinatley agree with AHarris.

User would need to use a "Forgot Password (I'm stupid) Link", where user name or email is used to validate against.

This then creates a random token string whcih is emailed as part of a URL where the user is then forced to reset password.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.