Password resets have always been an issue with Drupal 7.
Normally the password reset link goes to a landing page telling you to change you password, then it directs to the user account edit page and doesn’t force the user to change their password. So what happens is they never end up changing their password to something they’ll remember and they keep requesting a new password reset link. This module replaces that landing page with the password reset form:
Password Reset Landing Page Module
The other issue is that once user’s log in through the password reset link, they still don’t know their current password, so they can’t change it. That defeats the whole purpose of the password reset link. This module removes the requirement to know the current password:
No Current Password Module
The modules can be used together or separately. If I were to choose one, I’d go with the Password Reset Landing Page module. The No Current Password module gets around a security “feature” in Drupal 7 that requires a user to enter their password to make changes to the account’s email or password. In cases where someone may leave their account logged in at a public place or shared computer, it prevents someone from locking the user out of their account.
1 reply on “Better Password Reset in Drupal 7”
I absolutely love your blog and find many of your post’s to be exactly I’m looking for.
Would you offer guest writers to write content for you personally?
I wouldn’t mind writing a post or elaborating on a number of the subjects you write regarding here. Again, awesome website!