If a user has registered but forgets their password, how do they retrieve or reset it?
mmm. password reset mails are send to users not admins! the new passwords are generated automatically and admins are not involved in any way!Can we disable that we can type a user's name? It's public info and anyone can send password resets to admins etc. It isn't a security issue just can become an annoyance.
I must of not explained myself clearly, it happens lol. Can we disable typing in a username in the reset form and only enable an email to to typed in?mmm. password reset mails are send to users not admins! the new passwords are generated automatically and admins are not involved in any way!
Hmm seems like we should have the option to show the forgot password link without the user taking that step.The link is showed after you filled in a wrong password or username/mail:
Does gmail still have this? We can add the +whateverwewant and it still goes to our e-mail?i just tested it out. it seems like any other password request form i have seen on the web!
it does not show a dropdown with matching user names which i feared you were talking about.
having both username and email id is a good thing imo.
if a user lands on your forum... he might not remember the email id he used to register on the forum. so username comes handy.
i actually know a couple of people who do not use their primary email id for forums.
they would use something like:
this works fine because gmail would still send the mail to firstname.lastname@example.org but since it has the keyword in it, you can easily filter the emails based on that parameter.
the reason behind using this form of email id is that you can recognize the company that sold your email id to spammers if you start getting spam on it!
Not exactly. Periods ('.') are filtered such that you can add them in an address and it won't affect anything. email@example.com is effectively the same as firstname.lastname@example.org or email@example.com.Yeah, just tried. Gmail filters basically any characters that they disallow it seems?