PKP Bugzilla – Bug 8459
change forgot password from 2 steps to 1 step
Last modified: 2013-10-28 09:12:46 PDT
It confuses a LOT of people to have two emails necessary for lost passwords. Plus, they require sending the password in an email, which is probably not a best practice.
We should be able to use the token functionality already in OJS now to change this to a single email, with the following steps:
1) Request Password reset
2) Receive email with link to confirm password reset. Link should contain login token. Account should force changing password on login.
3) User arrives at screen requesting new password.