Forgot Password?

Clicking on this provides the user the following message:

Forgot your ID and /or password? No Problem! Please, supply your e-mail address below and you will be sent your <web site name> account ID and Password.

The end result does not match the text supplied to the user.

From a user's standpoint, account Id is their logon id (i.e. gsmith) not their database record id. 

The form says nothing abouut the fact that their password will be changed.

Is there code out there to:

1) send the user their logon id and not their database record id?

2) send them their original password and not have it changed?

Thanks!

Peer

Hi,

the email shows the ID, because it is including a new password.. after all they hit the "forgot pass" button....if it included the Logon ID ou username/nickname and the password, it would be considered dangerous...at least in our point of view, seeing how easy it is to have an hotmail account broken into...

The idea when a user cliks there is exacly to get a new password...of course it is not very hepful if what he forgot is his username...

I would guess the best would be to have 2 buttons: "forgot your password" and "forgot your username"...how can this be done? No idea...But it looks like that is what you are looking for...

Regards,

Actually, you can login with either your username, email, or ID.

Yes, sorry Magnus, I was assuming the standard log in with username...

But it is a fact that tha button there just recovers your access by giving you a new pass...what if what the user does not remember is their username or ID or (less likely but you never know) their email of registration...

You're sent both your registered ID and a new, randomly-generated password, so there's no need to worry when forgetting either of those two. If you forget your email, you might be screwed (which seems unlikely, unless it's a really old one that's been out of service except for a few forgotten sites).

Right, as always :)))

Can we rename the field from username to username/ID/email?

If you're talking about the login box, this can be done by editing a language key.

Thanks...it crossed my mind after writing the previous post...oh, it is Friday anyway, I guess my head just went on weekend before I noticed...

Anyway, I guess the member that posted originally will have all is questions solved...lol

Regards,

Thanks "all y'all" I have some ideas. I might see if I can figure out how to send the email...

Dear <username>,  your password has been changed to <new password>.

Logon with this new password and then ..... <the steps to change the password>.

This way, we don't get support issues with, "how do we change our password back to......?"

I was able to do something like this in joomla.

Again, thanks to everybody for your ideas...

Peer

Almost.

@OP: You can have the email provide the user's username instead of their ID by changing the appropriate value in the related email template. To do this, navigate to Administration > Settings > Email Templates > Forgot password email message. Replace <recipientID> with <RealName> and change any associated wordage. Instead of the user's ID in the email, their username will display, instead.

Having it send you their current password instead of a new one would be above my knowledge of wizardry.

@Mag... thanks for this lil tidbit. I figured it would be in there somewhere. Thank you for saving me from digging through scripts looking for the <RealName>  variable...

Again.... Thanks again to all!

Peer

So that everyone who is asking about sending the current password knows, it is impossible. The password is hashed. The clear text version of it is not stored and should not be for obvious security reasons. Or at least the reasons should be obvious. The password cannot be un-hashed.

Actually, you can display the user's current password in an email template by using <Password>.

Again! Thanks to all. I have successfull made the changes which will work better for our site.

One thing I really liked.. I did not have to do a code change as in Joomla. I just changed some field values... This way when we do an upgrade, I won't have to worry testing my code changes...  because there won't be any.. Right?

This is a huge plus... The more I learn the more I like with the Dolphin product.

Thanks to All!

Peer