Forgot Password/Reset Password trouble...

Discussion in 'Troubleshooting' started by t01etown, Jul 31, 2019.

  1. t01etown

    t01etown aMember Pro Customer

    Joined:
    Oct 8, 2006
    Messages:
    7
    We were recently upgraded and since the upgrade have been having issues with people trying to recover passwords. I thought the error was mine, as the email sent when requesting password reminder did not actually contain the password, but after doing some searching have read that this is a security "fix" in this version. I also read to have folks redirected to reset password page, rather than resend password since it is not stored, but how can they reset password if they have forgotten in in the first place?

    I have people email me directly and I go in a set a temporary password, which I then email to them so they can log in and manually reset, but this is not a good fix. What am I missing here? If they can no longer retrieve password via the "Forgot your password" link, and they cannot reset without entering their current password (which they have forgotten) what are they supposed to do?

    Thank you for your help!
  2. caesar

    caesar aMember Pro Developer Staff Member

    Joined:
    Oct 16, 2009
    Messages:
    2,295
    Hello,

    Current password is not necessary at all to reset password.

    Do you mind to contact us in helpdesk? We will check what is wrong with your installation:
    https://www.amember.com/support

    Best Regards.
  3. t01etown

    t01etown aMember Pro Customer

    Joined:
    Oct 8, 2006
    Messages:
    7
    As a test I used your forgot password link here on this website, to see how it works, then saw the "sendpass" text and searched that... I changed the email that we send for forgot password to the following link:
    http://www.toletown.com/amember/login?sendpass but it gets sent to them exactly like that... the email I got from your website had extra characters on the end. So, when they click the link it just takes them in a circle, back to the page they just came from.
  4. caesar

    caesar aMember Pro Developer Staff Member

    Joined:
    Oct 16, 2009
    Messages:
    2,295
    You need to use placeholder %url%. aMember replace this placeholder with actual link with secret token.
    User can use this link and set new password.

Share This Page